Improving clients MSSQL platform and they have 400+ service accounts, many with sysadmin privileges and likely only a sub set are being used. Versions are 2008/R2 and 2012.
What are the best options to capture all DB access attempts and filter the logins. Server Side Trace, XE (2012) or is there another less hassle method. End goals is to quantity x amount of logins did access databases, x amount of logins did not.