Audit SQL account usage


Gary Andrade
To comply with SOX requirements we have established Maintenance accounts that are checked out (given a key/password). The account is good for a period of time before the password gets changed. I have the requirement to audit the activities of the accounts. What is the easiest way to do this? Profiler doesn't seem like an option because of the ongoing nature and amount of accounts to monitor. Do I need a log reader software and if so which one can track changes by account name?


Antares686
Sorry, setting up a permanent trace on the server that outputs to file, Profiler or a tool like Profiler will be required to capture all of those details, as SELECTs are not logged nor are they otherwise auditable. I have seen several SOX requirements and am curious what your system is for that requires such a strenuous auditing of action. As well, you can audit all you like but it can only tell what they looked at, not necessarily what they did with it. If your server's data is under SOX scrutiny then you need to make sure that the application side is logging what is going on as well, since you cannot actually see that.
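A server-side trace to file of the kind the reply above describes, filtered by login name so only the checked-out maintenance accounts are captured. This is an added example, not code from the thread; the login pattern `maint%` and the path `D:\Audit\maint_accounts` are placeholders.

```sql
-- Added example: server-side trace to file, limited to the maintenance logins.
-- The login pattern and file path are placeholders, not values from the thread.
DECLARE @TraceID int, @rc int, @on bit, @maxfilesize bigint;
SET @on = 1;
SET @maxfilesize = 100;  -- MB per file before rolling over to a new one

-- Option 2 = TRACE_FILE_ROLLOVER; the server appends .trc to the file name.
EXEC @rc = sp_trace_create @TraceID OUTPUT, 2, N'D:\Audit\maint_accounts', @maxfilesize, NULL;
IF @rc <> 0
BEGIN
    RAISERROR('sp_trace_create failed, return code %d', 16, 1, @rc);
    RETURN;
END

-- Events:  14 = Audit Login, 10 = RPC:Completed, 12 = SQL:BatchCompleted.
-- Columns: 1 = TextData, 8 = HostName, 11 = LoginName, 14 = StartTime, 35 = DatabaseName.
EXEC sp_trace_setevent @TraceID, 14, 8,  @on;
EXEC sp_trace_setevent @TraceID, 14, 11, @on;
EXEC sp_trace_setevent @TraceID, 14, 14, @on;
EXEC sp_trace_setevent @TraceID, 14, 35, @on;
EXEC sp_trace_setevent @TraceID, 10, 1,  @on;
EXEC sp_trace_setevent @TraceID, 10, 8,  @on;
EXEC sp_trace_setevent @TraceID, 10, 11, @on;
EXEC sp_trace_setevent @TraceID, 10, 14, @on;
EXEC sp_trace_setevent @TraceID, 10, 35, @on;
EXEC sp_trace_setevent @TraceID, 12, 1,  @on;
EXEC sp_trace_setevent @TraceID, 12, 8,  @on;
EXEC sp_trace_setevent @TraceID, 12, 11, @on;
EXEC sp_trace_setevent @TraceID, 12, 14, @on;
EXEC sp_trace_setevent @TraceID, 12, 35, @on;

-- Filter on LoginName (column 11): logical operator 0 = AND, comparison 6 = LIKE.
EXEC sp_trace_setfilter @TraceID, 11, 0, 6, N'maint%';

-- Status 1 starts the trace; keep the id so it can be stopped (0) and closed (2) later.
EXEC sp_trace_setstatus @TraceID, 1;
SELECT @TraceID AS TraceID;
GO

-- Later, for review: read the file (and its rollover files) back as a table.
SELECT LoginName, HostName, DatabaseName, StartTime,
       CAST(TextData AS nvarchar(4000)) AS StatementText
FROM fn_trace_gettable(N'D:\Audit\maint_accounts.trc', DEFAULT)
ORDER BY LoginName, StartTime;
```

A trace created this way does not survive a restart of the SQL Server service, so a trace meant to be permanent has to be recreated at startup, for example from a startup procedure or an Agent job.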



Gary Andrade
Since my post I have checked out Lumigent's ENTEGRA product; it seems to be geared toward exactly these types of situations. I will be evaluating this product in the next week and should have more feedback. Our SOX auditors have told us that to be in compliance we need the ability to track any changes made outside the normal interface of a product. There is nothing in SOX that I know of that requires the ability to track changes from within the application. I know what you're thinking, and yes, it doesn't make sense, but that's the world we live in after Enron! The application is a customer service record application that tracks service and billable hours to customers. Because of the financial data it tracks, it falls under our SOX requirements. Our company feels we should be using the same change management processes for all databases, so I have to implement these rules on everything I now administer. Yes, ouch!
Antares686
Remember to ask for a pay raise and a nice corner window office.


