Open the EventLog Analyzer UI, go to the Settings tab ⇾ Configuration ⇾ Manage Application Sources ⇾ SQL Servers tab ⇾ click on "Update" next to the Instance Name ⇾ check the Server details and verify the Instance Authentication.
DDL/DML auditing is enabled, and the corresponding logs are collected, only if the "Advanced Auditing" check box is selected. Please note that selecting it pushes a set of 11 Audit Specifications to the SQL instance:
FAILED_LOGIN_GROUP
SUCCESSFUL_LOGIN_GROUP
DATABASE_OBJECT_CHANGE_GROUP
DATABASE_PRINCIPAL_CHANGE_GROUP
SCHEMA_OBJECT_CHANGE_GROUP
SERVER_PRINCIPAL_CHANGE_GROUP
LOGIN_CHANGE_PASSWORD_GROUP
SERVER_STATE_CHANGE_GROUP
SERVER_ROLE_MEMBER_CHANGE_GROUP
DATABASE_ROLE_MEMBER_CHANGE_GROUP
DATABASE_CHANGE_GROUP
Log in remotely to the SQL Server and check whether the SQL logs are recorded in Event Viewer ⇾ Application logs with event ID 33205.
Make sure that the Event Viewer retains logs for at least 20 minutes for all the events to be collected properly.
To increase the log storage size, open Event Viewer ⇾ Windows logs ⇾ right-click on "Application logs" ⇾ increase the value set in "Maximum log size ( KB )".
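One way to run the three Event Viewer checks above from PowerShell on the SQL Server host. This is an added example, not part of EventLog Analyzer or its documentation; the parameter names and the 90% fullness threshold are assumptions made for illustration.

```powershell
param(
    [string]$ComputerName,           # hypothetical parameter; omit to check the local host
    [int]$AuditEventId = 33205,      # SQL audit event ID named on this page
    [int]$MinRetentionMinutes = 20   # retention window named on this page
)
$target = @{}
if ($ComputerName) { $target.ComputerName = $ComputerName }

# 1. Are SQL audit events reaching the Application log?
$filter = @{ LogName = 'Application'; Id = $AuditEventId }
$audit = Get-WinEvent @target -FilterHashtable $filter -MaxEvents 5 -ErrorAction SilentlyContinue
if ($audit) {
    $audit | Select-Object TimeCreated, ProviderName, Id | Format-Table -AutoSize | Out-Host
} else {
    Write-Warning "No event ID $AuditEventId in the Application log; check Advanced Auditing."
}

# 2. How many minutes of history does the Application log hold right now?
$oldest = Get-WinEvent @target -LogName Application -Oldest -MaxEvents 1
$newest = Get-WinEvent @target -LogName Application -MaxEvents 1
$spanMinutes = [math]::Round(($newest.TimeCreated - $oldest.TimeCreated).TotalMinutes, 1)

# 3. Size settings. A short span only matters once the log is close to its size limit
#    and old records are being overwritten (the 90% threshold is an assumption).
$log = Get-WinEvent @target -ListLog Application
$nearLimit = $log.FileSize -ge (0.9 * $log.MaximumSizeInBytes)

[pscustomobject]@{
    MaximumSizeKB   = [int]($log.MaximumSizeInBytes / 1KB)
    CurrentSizeKB   = [int]($log.FileSize / 1KB)
    LogMode         = $log.LogMode
    HistoryMinutes  = $spanMinutes
    RetentionAtRisk = ($nearLimit -and $spanMinutes -lt $MinRetentionMinutes)
}
```

If `RetentionAtRisk` is `True`, the log is wrapping in less than 20 minutes and the maximum log size should be raised as described above.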
Column Integrity Monitoring collects only future changes (those made after the option is updated/enabled in the UI).
Click here to learn more about adding and auditing an MSSQL DB with step-by-step instructions along with the screenshots.
Oracle: Learn more about adding and auditing an Oracle DB via EventLog Analyzer here.
Note: After the audit trail is enabled, the Oracle DB must be restarted for the auditing to take effect.