Maintain Audit Trail Of Access To SQL Server 2000 Database
Sep 25, 2006
Is there any way to maintain audit trail of access to my SQL server 2000 database by any user ?? I need to log the timestamp of any insert/update/delete to any record in a table within the database by the user.
First a bit about me. I'm a developer in Atlanta. My background is mostly in Unix, but am working in NT at this job. I am gearing my skills towards enabling products on the web for people. I have experience in PHP, HTML, Javscript, C/C++, MySQL, a little Oracle and now getting fimilar with SQL Server.
What i'm trying to do.... Track all changes to data in the DB.
Why i'm doing it.... Banking application, any account changes need to be logged with which employee made the change.
How I want to do it.... Currently the app is a web app that accesses VB for the backend. There is a single SQL Server user accessing the DB. I want to use triggers on INSERT, UPDATE, and DELETE to copy the new row to any audit table. This will be identical but with user, action and time.
Problem.... Single user connection will hide acutal app userid. I want to have the VB app get the "SQL Server Session ID" (if one exists) and store the app_userid in a table with the session ID for cross reference by the trigger.
Question: Does SQL Server have a "session id" for multiple connections for a single user? Where is it located? Can VB access this information?
Hi...A much lamented question, I guess..I'm trying to create a simple audit trail.log the changes to an SQL 2000 table, so that they are written into amirror table. The entire record, only the updated one, i.e. if sayonly one field changes, the audit table will be inserted with onerecord that has one field changed. if the record has been deleted, itstill will be written.I'm not worrying about additional fields to the audit table containingdescriptive flags of what action took place yet. I just want themirror image for starters.I got the script of the 'create table' off Query analyzer. created theaudit table.the trigger looks like this:CREATE TRIGGER dt_tbl1_auditon tbl1for insert, update, deleteASinsert into tbl1_auditselect * from insertedthe table has about 50 fields or so, so I tried to make do with *'s.didn't work, so I tried copying and pasting the explicit list of fieldnamesinstead (though I'm not sure why it needs that if the two tables areidentically structured).in either case, if I update any field on the audited table, I get thiserror:(after getting the warning that the results may take a long time toprocess etc, the original table has over 100,000 rows)"another user has modified the contents of this table or view,the database row you are modifying no longer exists in the databasedatabase error: insert error:column name or number of supplied values does not match tabledefinition"I'm not sure what's wrong, the two tables are identical (I copy pastedthe create table script with no changes). no other users except me onthis database.i've removed all constraints and indexes from the audit table.thanks
We're looking for a solution to an audit trail issue. Our business people are looking to track each column value that changes(before and after images) for every table on our database as well as the userid that changed the data and when it was changed. Are there any methods that have been employed by other sites to track this level of detailed changes without resorting to triggers for each table and has anyone worked out a way for this audit trail writing to be handled asynchronously within SQL Server?
I have a Mailout table with a MID, ADDRESS, CITY, POSTCODE linked to another table called History which contains events that are associated with each Mailout record. I need to create an audit trail based on the MID of the mailout table that would tell me how many records are currently in event 1,in event 2 etc.
I'm thinking of creating an audit trail table that would store the data as well as create triggers to check on any change(add/deletions/updates) of the status of each record.
Is this the best way of doing it? Or are there any other ways of achieving an audit trail?
I tried to implement triggers for filling audit-trail table on this way.Everything works fine as long as I don't update the primary key field value.When I try to update PK value, an error occures.The code is the following:CREATE TRIGGER NameOfTheTriggerON dbo.TableName FOR DELETE, INSERT, UPDATEAS BEGINdeclare@type varchar(10) ,@UpdateDate datetime ,@UserName varchar(128)if exists (select * from inserted) and exists (select * from deleted)select @type = 'UPDATE'else if exists (select * from inserted)select @type = 'INSERT'elseselect @type = 'DELETE'select @UpdateDate = getdate() ,@UserName = system_user/* this code is repeting for every field in the table*/if update (TableName) or @type = 'DELETE'insert dbo.AUDIT_TRAIL (TableName, FieldName, OldValue, NewValue,UpdateDate, UserName, type)select 'TableName', convert(varchar(20), 'FieldName'),convert(varchar(1000),d.FieldName), convert(varchar(1000),i.FieldName),@UpdateDate, @UserName, @typefrom inserted ifull outer join deleted don i.PrimaryKeyFieldName = d.PrimaryKeyFieldNamewhere (i.FieldName<> d.FieldName or (i.FieldName is null and d.FieldName isnot null) or (i.FieldName is not null and d.FieldName is null))ENDHow to slve the problem with updated (changed) primary key values?What is the typical code for audit-trail triggers?Thanks.
Hello.I tried to implement audit trail, by making an audit trail table with thefollowing fileds:TableName,FieldName,OldValue,NewValue,UpdateDate,t ype,UserName.Triggers on each table were set to do the job and everything was fine exceptthat in the audit trail you couldn't know which row exacltly wasupdated/inserted/deleted...Therefore I introduced 3 additional columnes(RowMark1, RowMark2, RowMark3) which should identify theinserted/updated/deleted row.For example, RowMark1 could be foreign key, RowMark2 could be primary key,and RowMark3 could be autonumber ID.But, when I have several rows updated, RowMark columnes values are identicalin all rows in the audit trail table! What is wrong with my code, and how tosolve it ?Thank you in advance!CREATE TRIGGER Trigger_audit_TableNameON dbo.TableNameFOR DELETE, INSERT, UPDATEAS BEGINdeclare @type nvarchar(20) ,@UpdateDate datetime ,@UserName nvarchar(100),@RowMark1 nvarchar (100),@RowMark2 nvarchar (100),@RowMark3 nvarchar (100)if exists (select * from inserted) and exists (select * fromdeleted)select @type = 'UPDATE',@RowMark1=d.ForeignKeyField,@RowMark2=d.PrimaryKey Field,@RowMark3=d.IDfrom deleted delse if exists (select * from inserted)select @type = 'INSERT',@RowMark1=i.ForeignKeyField,@RowMark2=i.PrimaryKey Field,@RowMark3=i.IDfrom inserted ielseselect @type = 'DELETE',@RowMark1=d.ForeignKeyField,@RowMark2=d.PrimaryKey Field,@RowMark3=d.IDfrom deleted dselect @UpdateDate = getdate() ,@UserName = USER/*The following code is repeated for every field in a table*/if update (FieldName) or @type = 'DELETE'insert dbo.AUDIT_TRAIL (TableName, FieldName, OldValue, NewValue,UpdateDate, UserName, type,RowMark1,RowMark2,RowMark3)select 'Descriptive Table Name', convert(nvarchar(100), 'DescriptiveField Name'),convert(nvarchar(1000),d.FieldName),convert(nvarchar(1000),i.FieldName),@UpdateDate, @UserName, @type, @RowMark1, @RowMark2,@RowMark3from inserted ifull outer join deleted don i.ID = d.IDwhere (i.FieldName <> d.FieldNameor (i.FieldName is null and d.FieldName is not null)or (i.FieldName is not null and d.FieldName is null))END
What's the best way to keep an audit trail of every insert, update, and delete of a certain table? Any example code out there? I'm thinking in terms of a trigger for each event, for instance, the update trigger would insert a new record into the audit table with a field for each column in the deleted table and a field for each column in the inserted table.
1. Does SSRS is J-Sox Compliant, an application must have audit trail feature. For Reporting printing, it should facilitate reports' data logging process.
2. Information like WHO and WHEN printed the report and WHAT data was viewed?
I am trying to export the result of a select into a .csv file using SQL Server 2000 DTS. The data for varchar fields has leading zeroes in the database, which is very much required in the csv file.
But, the .csv file trims the leading zeroes. How do we force to maintain the same data as in source?
I had used Text File Destination Connection as the destination, with the below options File Extension: .csv File Format: Delimited File Type: ANSI Text Qualifier: Double Quotes ("") Row Delimiter: {CR}{LF} Column Delimiter: comma
Source Data: 0123 Target Data (Requirement): 0123
The data in .csv: 123 (This is the issue)
When I open this file in a Text Editor, I do see the data in double quotes..."0123".
I am using SQL Server 2012. I Want To Maintain all Type Logs In Particulars database or server. I want to track all Query Which Execute in Particulars Database. and all other activity?
I have made a server security audit and specify from database audit specification to audit "select" on a certain user and on a certain table. I logged in by this user and made the select statement..when i run this query
"select * from sys.fn_get_audit_file('d:Auditaudit1*',null,null)"
It return a value at which time the query has done
after 15 minutes i repeated the same action, i run the audit query and the same result is showed off on the panel.is it suppose to return a list of values by how many times this user has made the select statement on that table ? for example at 5:00 pm then 6:00 pm and so on
Is there a way to audit the login on SQL Server 2000? I'm looking for away to get a report login/logout events with the name of the database.Thanks in advance.
Hi guys, We have a scenario where there are about 50 tables in our database and we want to build an intranet web application for users to with the office to access those tables. Users ability to access tables falls into diferent category:
Some users can NOT view some tables at all Some users can ONLY view some tables but not insert/update any field Some users can view and also insert/update some tables (in the same time they might not have view(select) permision on some other tables) Now, what is the right way to implement this. I say we have to have a Role, RolePermission, User, UserPermission inside our database to implement this (something which would look like the Roles and Users inside MSSQL) and we only have one user for our Database (MachineName/ASPUSER) to access the database and all the tables within My colleague says NO, instead of creating all these tables and implement this, we add every user of our application as a Database user inside MSSQL in the Databse Users. All the web application I have seen so far, DNN, CommunityServer, ... the have tables to implement all these and they don't add users inside the MSSQL. Now which way is the way to go with, and what problem might we fall into if we use SQL users, is this possible at all. How can I convince him that we have to make and use our own tables to manage this. Thanks for any help,Mehdi
Hi I have problem in configuring my web project on Window server 2000. I have created the web application using Visual Studio 2005 tools. I have configured Window server 2000 with the .Net Framework Version 2.0. I can access the page which doesn't have database access. The connection string in the web config file is giving me the problem that connection string can't be found. Does any one have any idea? My database connection string looks like this. <connectionStrings> <add name="etzAusBldConnectionString" connectionString="Data Source=CASCADE;Initial Catalog=etzAusBldBaseData1;User ID=sa1;Password=****" providerName="System.Data.SqlClient" /> </connectionStrings> Moe
I have managed to transfer the SQL SERVER 2000 database tables to access database by using DTS. But how can I transfer stored procedures in SQL SERVER to Access 2000
How can i transfer a database from Access to Sql Server 2000?
Exactly : i want to transfer a .mdb into .mdf, and i want to keep the structure of .mdb, a structure which have tables, queries, macros, modules... When i start the transfer with Data Transformation Services ( DTS- Import Data ) , i can see that DTS shows me only tables and queries. At the end of transfer, in my .mdf database, on server, i have only tables, without queries, macros, modules.
My question is how can i transfer the queries and macros ( exactly how are in .mdb ) to .mdf database?
I have upsized an Access database into SQL Server and manged to getthe data in place ok. The wizard created an Access Project which Ihave started to modify.However, I am also trying to get data from an AS/400. Specifically fora currency/exchange rate file. I only want ot copy the records sincethe last copy otherwise there are a vast number of records.I have created a linked server to the AS/400 within SQL Server, andcreated a view, within my specific database which allows me to look atall the data in the table.However, my problem is that I want a VB routine, in the AccessProject, which lets me copy out specic records from the view into atable within the SQL Server database. Any clues?????My oroginal code used a link to the AS/400 and the folowing code:-s = "INSERT into zacjdf00 "s = s + "select CJCNCD, CJD5E9, CJCUCD, CJD5FF, CJD5FG, CJD5FH,CJD5FI, CJD5FJ, CJD5FK "s = s + "from XGHLDTM_ZACJDF00 "s = s + "where "s = s + "CJD5E9 = '" & group & "'"DoCmd.RunSQL (s)group is preset in the VB code.
My application uses sql for performing operation. something like conncetion.execute(query). so there is only conncetion object no recordset object or something like that .
i want to run multiple instence of my application so i want to maintain integrety of data. and i am looking for solution through sql for locking mechanism. so concurrent data access dont currept data.
Hello all, does anyone know of a SS2005RS user audit program that an administrator can run on a RS server to show which userids have access to folders? I have in mind a pgm that would show:
folder users
Home user01, user02, user03
folderA user01,user02, user05
folderB user02, user06
Is there a pgm available as a download, or does someone have a home-grown pgm whose source they would let out?
We have a Silverlight based application which currently supports only one production version. Idea is to support three concurrent versions of the same application and user will switch to the newer versions based on their interest or they can still continue with the older version.
We still have to use the existing database for all these three versions.
What is the best way to architect this so that we can differentiate the code between the versions and still keep the data in sync and run all the versions in parallel.
Hi,Simple question: A customer has an application using Access 2000frontend and SQL Server 2000 backend. Data connection is over ODBC.There are almost 250 concurrent users and is growing. Have theysqueezed everything out of Access? Should the move to a VB.Net frontendtaken place ages ago?CheersMike