<a href="http://g.adspeed.net/ad.php?do=clk&zid=15220&wd=468&ht=60&pair=as" target="_blank"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15220&wd=468&ht=60&pair=as" alt="i" width="468" height="60"/></a>
Log in
::
Register
::
Not logged in
Home
Tags
Articles
Editorials
Stairways
Forums
Scripts
Videos
Blogs
QotD
Books
Ask SSC
SQL Jobs
Training
Authors
About us
Contact us
Newsletters
Write for us
<a href="http://g.adspeed.net/ad.php?do=clk&zid=15491&wd=120&ht=300&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15491&wd=120&ht=300&pair=as" alt="i" width="120" height="300"/></a>
Recent Posts
Recent Posts
Popular Topics
Popular Topics
Home
Search
Members
Calendar
Who's On
Home
»
SQLServerCentral.com
»
Editorials
»
The Need for Auditing
The Need for Auditing
Rate Topic
Display Mode
Topic Options
Author
Message
Steve Jones - SSC Editor
Steve Jones - SSC Editor
Posted Thursday, December 04, 2008 8:02 PM
SSC-Dedicated
Group: Administrators
Last Login: Yesterday @ 3:26 PM
Points: 31,425,
Visits: 13,738
Comments posted to this topic are about the item
The Need for Auditing
Follow me on Twitter:
@way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
Post #614233
GSquared
GSquared
Posted Friday, December 05, 2008 7:31 AM
SSCoach
Group: General Forum Members
Last Login: 2 days ago @ 1:55 PM
Points: 15,442,
Visits: 9,571
I use trace logs and trigger-based auditing. (I even wrote articles about it for this site last summer.) I've found those to be quite adequate to my needs.
I have a proc that takes a database and table name, a "main search field" (usually the PK) and a couple of other input parameters, and it does all the work for me of creating a a log table (in my DBALog database) for the database, creating the logging trigger (based on a sparse XML structure that only stores columns that have changed), and creating search and undo procs for any logged transaction, customized to the columns in the table being logged. Takes about 2 seconds to add logging to any table and is pretty much fire-and-forget. Of course, sometimes I'll modify the trigger so that it deviates from the default, but that's uncommon.
I also have the default trace running, and two custom traces running on the databases that need it the most. All are set to restart if the SQL Service restarts (from a reboot or whatever). It generally works out to keeping about 3-4 days of data.
And I have a DDL trigger in every production database and in "model" that logs schema/code changes, including who made the change, when, and the script used. I've had to make a few filters for this, because maintenance plan index rebuilds otherwise end up junking up the log, but beyond that it's been quite handy.
Those are what I use for auditing. Some of it may be overkill, but performance hasn't been hurt to an extent that any user can tell the difference, and it has come in quite handy quite a few times.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
Post #614529
SuperDBA-207096
SuperDBA-207096
Posted Monday, December 08, 2008 4:44 AM
UDP Broadcaster
Group: General Forum Members
Last Login: Wednesday, January 02, 2013 12:15 PM
Points: 1,443,
Visits: 711
Ahhh auditing...
I've used mostly trigger based auditing through the years on stuff I've designed, although a few clients did do auditing in the data layer, which worked really well for them.
Based on the application architecture and auditing requriements it was a good approach for them.
DDL triggers are great for capturing DDL changes. I've used them in environment where security has been less than optimal due to company policies, but thats another discussion.
Post #615454
Steve Jones - SSC Editor
Steve Jones - SSC Editor
Posted Monday, December 08, 2008 9:09 AM
SSC-Dedicated
Group: Administrators
Last Login: Yesterday @ 3:26 PM
Points: 31,425,
Visits: 13,738
Not many people auditing, or maybe caring, ...
or maybe awake
Follow me on Twitter:
@way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
Post #615605
Ian Massi
Ian Massi
Posted Monday, December 08, 2008 11:46 AM
Ten Centuries
Group: General Forum Members
Last Login: Yesterday @ 12:15 PM
Points: 1,303,
Visits: 1,664
^^ I don't know about everyone else, but I never got the newsletter this morning. Had to go to the site to get my fix. As for auditing, where I am we use trigger based auditing. Nothing too important being looked for, but if someone changes something, knowing the who, what, and when will lead them to the why.
Post #615706
Steve Jones - SSC Editor
Steve Jones - SSC Editor
Posted Monday, December 08, 2008 9:34 PM
SSC-Dedicated
Group: Administrators
Last Login: Yesterday @ 3:26 PM
Points: 31,425,
Visits: 13,738
Yep, lack of replies was my fault. No newsletter.
Follow me on Twitter:
@way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
Post #615914
« Prev Topic
|
Next Topic »
Permissions
You
cannot
post new topics.
You
cannot
post topic replies.
You
cannot
post new polls.
You
cannot
post replies to polls.
You
cannot
edit your own topics.
You
cannot
delete your own topics.
You
cannot
edit other topics.
You
cannot
delete other topics.
You
cannot
edit your own posts.
You
cannot
edit other posts.
You
cannot
delete your own posts.
You
cannot
delete other posts.
You
cannot
post events.
You
cannot
edit your own events.
You
cannot
edit other events.
You
cannot
delete your own events.
You
cannot
delete other events.
You
cannot
send private messages.
You
cannot
send emails.
You
may
read topics.
You
cannot
rate topics.
You
cannot
vote within polls.
You
cannot
upload attachments.
You
may
download attachments.
You
cannot
post HTML code.
You
cannot
edit HTML code.
You
cannot
post IFCode.
You
cannot
post JavaScript.
You
cannot
post EmotIcons.
You
cannot
post or upload images.
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved.
Privacy Policy.
Terms of Use.
Report Abuse.
