469,167 Members | 1,178 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,167 developers. It's quick & easy.

Auditing user and security related activities in SQLServer

On the other database types, there is an audit capability in that you
record such items as
failed login attempts
attemtped access to tables user is not authroized to
changes to databse schema
changes to permissions
changes to logins (add, delete, lock, unlock, passwrod reset)

All I can find in the SQLServer documentation is the reference to
tracking failed logins when you set up a database, plus the Profiler's
activities.

Yes, I'm taking voer my first SQLServer database and have been asked to
make sure that this database is closely monitored for inappripriate
activity.

Questions:
1) Does SQLServer have this capability? (Sybase has this, which is
where I'm coming from)
2) Does SQLServer do this automatically or do I have to set up the
events to be tracked as happens with Sybase?
3) What commands are there for setting up these events to be tracked?

Thanks in advance!

Jul 23 '05 #1
2 4440
byrocat (bd******@sympatico.ca) writes:
On the other database types, there is an audit capability in that you
record such items as
failed login attempts
attemtped access to tables user is not authroized to
changes to databse schema
changes to permissions
changes to logins (add, delete, lock, unlock, passwrod reset)


In SQL 2000 a Profiler trace is the only option, save for failed logins
which can be tracked by other means.

In SQL 2005 you can set up server and database triggers to audit the
last three events. SQL 2005 is currently in beta.

Attempt to access tables for which user does not have permission is
not something you can track well even in SQL 2005. In fact if a user
says "SELECT * FROM tbl_I_may_not_see" he gets as the same error message
as if it did not exist at all.
--
Erland Sommarskog, SQL Server MVP, es****@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp
Jul 23 '05 #2
Take a look at www.lumigent.com and their product called Entegra.
Depening on how much you value your time or how much the company your work
for is willing to spend, this may be a "no-brainer" decision. It does most
of what you want to do.
It is priced per processor, ie 1-2 cpu or 3-4 cpu. You can even monitor
"select" statements.

Oscar

"byrocat" <bd******@sympatico.ca> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...
On the other database types, there is an audit capability in that you
record such items as
failed login attempts
attemtped access to tables user is not authroized to
changes to databse schema
changes to permissions
changes to logins (add, delete, lock, unlock, passwrod reset)

All I can find in the SQLServer documentation is the reference to
tracking failed logins when you set up a database, plus the Profiler's
activities.

Yes, I'm taking voer my first SQLServer database and have been asked to
make sure that this database is closely monitored for inappripriate
activity.

Questions:
1) Does SQLServer have this capability? (Sybase has this, which is
where I'm coming from)
2) Does SQLServer do this automatically or do I have to set up the
events to be tracked as happens with Sybase?
3) What commands are there for setting up these events to be tracked?

Thanks in advance!

Jul 23 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

5 posts views Thread by byrocat | last post: by
8 posts views Thread by Philippe C. Martin | last post: by
14 posts views Thread by Jonas | last post: by
2 posts views Thread by =?Utf-8?B?SmVmZnJleQ==?= | last post: by
33 posts views Thread by JamesB | last post: by
1 post views Thread by CARIGAR | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.