well, you are only going to capture changes that occur in the future, after you've put some sort of auditing in place.
stuff that has already happened just plain is not captured...the transaction log might tell you WHEN some change was done, but it doesn't capture WHO did it.
for me, when it comes to row based auditing, a trigger on the table(s) in question is probably the first thing i'd look at.
some thing like this can get you the information about who/when insid ethe trigger itself, so you can save that information int he smae or different table:
--the auditing snippet below works fine in a
--login trigger,
--database trigger
--or any stored procedure.
SELECT
getdate() AS EventDate,
DB_NAME() AS DBName,
HOST_NAME() AS HostName,
APP_NAME() AS ApplicationName,
OBJECT_NAME(@@PROCID) AS ProcedureName,
USER_ID() AS Userid,
USER_NAME() AS UserName,
SUSER_ID() AS sUserid,
SUSER_SNAME() AS sUserName,
IS_SRVROLEMEMBER ('sysadmin') AS [Is_ServerAdmin_Sysadmin],
IS_MEMBER('db_owner') AS [Is_DB_owner],
IS_MEMBER('db_ddladmin') AS [Is_DDL_Admin],
IS_MEMBER('db_datareader') AS [Is_DB_Datareader],
ORIGINAL_LOGIN() AS [ORIGINAL_LOGIN]
Lowell