We audit select "tables". I have a generic trigger I apply to all tables of interest which simply makes a copy of an existing row before it is changed/deleted and places it in an "audit" copy of the same table. All audit tables have triggers which prevent deletions execpt by a specific user account which was created for that purpose only.

There is nothing particularly fancy about this method, it is mostly brute force but it works and with some creative SQL we can reconstruct most activity on our sensitive data as well as recovering accidentally changed data. Once in place it takes care of itself (I don't have to be concerned with the application side of the house) but I do have to be mindfull of table design changes since they need to be applied to the audit copy of the table also.

I would be interested in seeing how mcerkez88 implemented/maintains their xml audit logs.

James.