SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Get your favorite SSC scripts directly in SSMS with the free SQL Scripts addin. Search for scripts directly from SSMS, and instantly access any saved scripts in your SSC briefcase from the favorites tab.
Download now (direct download link)

Who has accessed my 2005 server?

By Jack Corbett,

This script returns login information from the default trace created in SQL Server 2005. When the sys.server_principals data is null that would mean the login is allowed via a Windows Group.

sys.traces provides the information for the default trace such as the file path and the max files.

fn_trace_gettable returns the data from trace file(s) in table format.

sys.server_principals is the way you should access server logins in SQL Server 2005, replacing syslogins.

An important thing to note is that the default trace will create up to 100MB (5 20MB files) of event data and then begin wrapping. Also it creates a new file when ever the SQL Server is restarted so you may not have the full 100MB of data if you reboot or restart SQL Server often.

Edit 02-09-2009:

Modified the code to strip the numerical portion of the trace path (Log_nn.trc) as this caused only the current file to be loaded.

Total article views: 15097 | Views in the last 30 days: 1
Related Articles

Stairway to Server-side Tracing - Level 4: How to Create and View Default and black box Trace Data

An introduction to the SQL Server default and black box traces targeted at DBAs who are new to these...


Capture CREATE, DROP, ALTER from the default SQL trace file

Tracks and stores changes to database objects by reading from the default SQL server trace file usin...


SQL Server Default Trace

The default trace in SQL Server is something I have been experimenting with lately. It is a feature ...





Create server side trace.

Cannot create server side trace - error 12