well, you are only going to capture changes that occur in the future, after you've put some sort of auditing in place.
stuff that has already happened just plain is not captured...the transaction log might tell you WHEN some change was done, but it doesn't capture WHO did it.
for me, when it comes to row based auditing, a trigger on the table(s) in question is probably the first thing i'd look at.
some thing like this can get you the information about who/when insid ethe trigger itself, so you can save that information int he smae or different table:
--the auditing snippet below works fine in a
--or any stored procedure.
getdate() AS EventDate,
DB_NAME() AS DBName,
HOST_NAME() AS HostName,
APP_NAME() AS ApplicationName,
OBJECT_NAME(@@PROCID) AS ProcedureName,
USER_ID() AS Userid,
USER_NAME() AS UserName,
SUSER_ID() AS sUserid,
SUSER_SNAME() AS sUserName,
IS_SRVROLEMEMBER ('sysadmin') AS [Is_ServerAdmin_Sysadmin],
IS_MEMBER('db_owner') AS [Is_DB_owner],
IS_MEMBER('db_ddladmin') AS [Is_DDL_Admin],
IS_MEMBER('db_datareader') AS [Is_DB_Datareader],
ORIGINAL_LOGIN() AS [ORIGINAL_LOGIN]
--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!