Hey Roy,
Looking forward to Part #3. I really think 'Who' changed the data or 'What Process' is critical when it comes to logging.
I wanted to let you know how my company handles auditing 'WHO' in the hopes you may 'speak to it' in your next article.
We use a table similar to "Product". In the stored procedures that change data in this table we force developers to specify a LogUserID and a LogProcessID. The LogUserID represents the person logged into the system that pressed the 'save button' or 'delete button' on the GUI or it may be a system user. The LogProcessID is used to indicate if the change was triggered by a Web Application, A Nightly 'Product Price Update' Job sql server job, a windows service, a web service etc.
PRODUCT TABLE SCHEMA
----------------------------------
ProductID
Description
Price
LogUserID
AppProcessID
DateTimeModified
DateTimeInserted
PRODUCT TABLE SCHEMA IN LOG DATABASE - A trigger inserts into a duplicate table
------------------------------------------
AuditID
Action
ProductID
Description
Price
LogUserID
AppProcessID
DateTimeModified
DateTimeInserted
Anyway - I am really curious about the 'Who' in part #3 and hope you can cover this scenario in your article.