SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Who Did What?


Who Did What?

Author
Message
sqlintern
sqlintern
Forum Newbie
Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)

Group: General Forum Members
Points: 4 Visits: 1
With the SOX lock downs on our SQL databases, it appears someone had taken "rights" away from a particular login id that imports data via batch. This login was changed and limited in it's access, however, for the last 2.5 years, it did had the correct rights. Once the problem was identified and fixed (restore rights to the login id), now one is "owning" up to making the change. Where do I go to look at the log files to see who made this change originally?



CoetzeeW
CoetzeeW
SSC-Enthusiastic
SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)SSC-Enthusiastic (145 reputation)

Group: General Forum Members
Points: 145 Visits: 161

Howzit .

SQL doesn't keep these changes in a log as such . You have to design a strategy that will keep the changes for you and when it occurs .

You can use SQL profiler , hence the performance impact - so becarefull what events and couters you choose and also if you can design something that will keep all the entries in your syscacheobjects joined to the sysprocesses table in master you should catch the offender .

I have tried to catch a bugger dropping indexes during prod hours by creating a trigger on the syscacheobjects system table but with no -avail ..so I am also in the situasion ..I will keep you informed if I make any progress ...

To all other SQL fundies out there , give your comments , there is two of us now that would like you input in this regard .





mark baekdal-145375
mark baekdal-145375
SSC-Enthusiastic
SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)SSC-Enthusiastic (172 reputation)

Group: General Forum Members
Points: 172 Visits: 6

check out DB Ghost for a solution to database change management. For an excellent read check out this http://www.innovartis.co.uk/pdf/Innovartis_An_Automated_Approach_To_Do_Change_Mgt.pdf


regards,
Mark Baekdal
www.dbghost.com

+44 (0)208 241 1762
Living and breathing database change management for SQL Server


James Whitney
James Whitney
SSC Rookie
SSC Rookie (27 reputation)SSC Rookie (27 reputation)SSC Rookie (27 reputation)SSC Rookie (27 reputation)SSC Rookie (27 reputation)SSC Rookie (27 reputation)SSC Rookie (27 reputation)SSC Rookie (27 reputation)

Group: General Forum Members
Points: 27 Visits: 39

Lumigent Log Explorer is another tool that you can use to capture this type of infoirmation. It can read and interpret the transaction log files and there is an option to capture user information along with the log entries. In this case, you can use it to look at the syspermissions table.

http://www.lumigent.com/products/le_sql.html



DBAJames
frank singleton-130084
frank singleton-130084
Grasshopper
Grasshopper (17 reputation)Grasshopper (17 reputation)Grasshopper (17 reputation)Grasshopper (17 reputation)Grasshopper (17 reputation)Grasshopper (17 reputation)Grasshopper (17 reputation)Grasshopper (17 reputation)

Group: General Forum Members
Points: 17 Visits: 1

ApexSQL has a good tool read the SQL transaction log. You can capture who did what, when and can audit data and DDL structure. I have found it very cost effective compared to what else is out there.

http://apexsql.com/sql_tools_log.htm


Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search