Hi...A much lamented question, I guess..I'm trying to create a simple audit trail.log the changes to an SQL 2000 table, so that they are written into amirror table. The entire record, only the updated one, i.e. if sayonly one field changes, the audit table will be inserted with onerecord that has one field changed. if the record has been deleted, itstill will be written.I'm not worrying about additional fields to the audit table containingdescriptive flags of what action took place yet. I just want themirror image for starters.I got the script of the 'create table' off Query analyzer. created theaudit table.the trigger looks like this:CREATE TRIGGER dt_tbl1_auditon tbl1for insert, update, deleteASinsert into tbl1_auditselect * from insertedthe table has about 50 fields or so, so I tried to make do with *'s.didn't work, so I tried copying and pasting the explicit list of fieldnamesinstead (though I'm not sure why it needs that if the two tables areidentically structured).in either case, if I update any field on the audited table, I get thiserror:(after getting the warning that the results may take a long time toprocess etc, the original table has over 100,000 rows)"another user has modified the contents of this table or view,the database row you are modifying no longer exists in the databasedatabase error: insert error:column name or number of supplied values does not match tabledefinition"I'm not sure what's wrong, the two tables are identical (I copy pastedthe create table script with no changes). no other users except me onthis database.i've removed all constraints and indexes from the audit table.thanks
We're looking for a solution to an audit trail issue. Our business people are looking to track each column value that changes(before and after images) for every table on our database as well as the userid that changed the data and when it was changed. Are there any methods that have been employed by other sites to track this level of detailed changes without resorting to triggers for each table and has anyone worked out a way for this audit trail writing to be handled asynchronously within SQL Server?
I have a Mailout table with a MID, ADDRESS, CITY, POSTCODE linked to another table called History which contains events that are associated with each Mailout record. I need to create an audit trail based on the MID of the mailout table that would tell me how many records are currently in event 1,in event 2 etc.
I'm thinking of creating an audit trail table that would store the data as well as create triggers to check on any change(add/deletions/updates) of the status of each record.
Is this the best way of doing it? Or are there any other ways of achieving an audit trail?
I tried to implement triggers for filling audit-trail table on this way.Everything works fine as long as I don't update the primary key field value.When I try to update PK value, an error occures.The code is the following:CREATE TRIGGER NameOfTheTriggerON dbo.TableName FOR DELETE, INSERT, UPDATEAS BEGINdeclare@type varchar(10) ,@UpdateDate datetime ,@UserName varchar(128)if exists (select * from inserted) and exists (select * from deleted)select @type = 'UPDATE'else if exists (select * from inserted)select @type = 'INSERT'elseselect @type = 'DELETE'select @UpdateDate = getdate() ,@UserName = system_user/* this code is repeting for every field in the table*/if update (TableName) or @type = 'DELETE'insert dbo.AUDIT_TRAIL (TableName, FieldName, OldValue, NewValue,UpdateDate, UserName, type)select 'TableName', convert(varchar(20), 'FieldName'),convert(varchar(1000),d.FieldName), convert(varchar(1000),i.FieldName),@UpdateDate, @UserName, @typefrom inserted ifull outer join deleted don i.PrimaryKeyFieldName = d.PrimaryKeyFieldNamewhere (i.FieldName<> d.FieldName or (i.FieldName is null and d.FieldName isnot null) or (i.FieldName is not null and d.FieldName is null))ENDHow to slve the problem with updated (changed) primary key values?What is the typical code for audit-trail triggers?Thanks.
Hello.I tried to implement audit trail, by making an audit trail table with thefollowing fileds:TableName,FieldName,OldValue,NewValue,UpdateDate,t ype,UserName.Triggers on each table were set to do the job and everything was fine exceptthat in the audit trail you couldn't know which row exacltly wasupdated/inserted/deleted...Therefore I introduced 3 additional columnes(RowMark1, RowMark2, RowMark3) which should identify theinserted/updated/deleted row.For example, RowMark1 could be foreign key, RowMark2 could be primary key,and RowMark3 could be autonumber ID.But, when I have several rows updated, RowMark columnes values are identicalin all rows in the audit trail table! What is wrong with my code, and how tosolve it ?Thank you in advance!CREATE TRIGGER Trigger_audit_TableNameON dbo.TableNameFOR DELETE, INSERT, UPDATEAS BEGINdeclare @type nvarchar(20) ,@UpdateDate datetime ,@UserName nvarchar(100),@RowMark1 nvarchar (100),@RowMark2 nvarchar (100),@RowMark3 nvarchar (100)if exists (select * from inserted) and exists (select * fromdeleted)select @type = 'UPDATE',@RowMark1=d.ForeignKeyField,@RowMark2=d.PrimaryKey Field,@RowMark3=d.IDfrom deleted delse if exists (select * from inserted)select @type = 'INSERT',@RowMark1=i.ForeignKeyField,@RowMark2=i.PrimaryKey Field,@RowMark3=i.IDfrom inserted ielseselect @type = 'DELETE',@RowMark1=d.ForeignKeyField,@RowMark2=d.PrimaryKey Field,@RowMark3=d.IDfrom deleted dselect @UpdateDate = getdate() ,@UserName = USER/*The following code is repeated for every field in a table*/if update (FieldName) or @type = 'DELETE'insert dbo.AUDIT_TRAIL (TableName, FieldName, OldValue, NewValue,UpdateDate, UserName, type,RowMark1,RowMark2,RowMark3)select 'Descriptive Table Name', convert(nvarchar(100), 'DescriptiveField Name'),convert(nvarchar(1000),d.FieldName),convert(nvarchar(1000),i.FieldName),@UpdateDate, @UserName, @type, @RowMark1, @RowMark2,@RowMark3from inserted ifull outer join deleted don i.ID = d.IDwhere (i.FieldName <> d.FieldNameor (i.FieldName is null and d.FieldName is not null)or (i.FieldName is not null and d.FieldName is null))END
First a bit about me. I'm a developer in Atlanta. My background is mostly in Unix, but am working in NT at this job. I am gearing my skills towards enabling products on the web for people. I have experience in PHP, HTML, Javscript, C/C++, MySQL, a little Oracle and now getting fimilar with SQL Server.
What i'm trying to do.... Track all changes to data in the DB.
Why i'm doing it.... Banking application, any account changes need to be logged with which employee made the change.
How I want to do it.... Currently the app is a web app that accesses VB for the backend. There is a single SQL Server user accessing the DB. I want to use triggers on INSERT, UPDATE, and DELETE to copy the new row to any audit table. This will be identical but with user, action and time.
Problem.... Single user connection will hide acutal app userid. I want to have the VB app get the "SQL Server Session ID" (if one exists) and store the app_userid in a table with the session ID for cross reference by the trigger.
Question: Does SQL Server have a "session id" for multiple connections for a single user? Where is it located? Can VB access this information?
What's the best way to keep an audit trail of every insert, update, and delete of a certain table? Any example code out there? I'm thinking in terms of a trigger for each event, for instance, the update trigger would insert a new record into the audit table with a field for each column in the deleted table and a field for each column in the inserted table.
Is there any way to maintain audit trail of access to my SQL server 2000 database by any user ?? I need to log the timestamp of any insert/update/delete to any record in a table within the database by the user.
I have made a server security audit and specify from database audit specification to audit "select" on a certain user and on a certain table. I logged in by this user and made the select statement..when i run this query
"select * from sys.fn_get_audit_file('d:Auditaudit1*',null,null)"
It return a value at which time the query has done
after 15 minutes i repeated the same action, i run the audit query and the same result is showed off on the panel.is it suppose to return a list of values by how many times this user has made the select statement on that table ? for example at 5:00 pm then 6:00 pm and so on
I need help...here is the problem.Last weekend, the servers in our datacenter where moved around. After thismove, and maybe coincidental, 1 server is performing very poor. Afterrunning a trace with SQL Profiler, I saw the problem which was laterconfirmed with another tool for SQL server performance monitoring. It seemsthat all connections to the SQL server (between 200 - 400) are doing a login/ logout for each command that they process. For example, the user'sconnection will login, perform a SELECT, and then logout. This is not a..NET application. The client software was not changed, it is still thesame. The vendor has said that it is not supposed to do that, it issupposed to use 1 connection that log's on in the morning and logs off atthe end of the day or whenever the user exits. 1 user may have severalconnections to the database.At times, the server is processing over 250 login / logouts (avgeraged for30 second period). Has anyone seen this problem? I have the server inAUDIT FAILUREs only. The server has become very unresponsive, things thattook 3 seconds now take over 15 seconds.Any ideas???
hi was looking forward to downloading the 180 day trial version of ms sql server 2005. Signed up and everything. when it loaded the download page it only has the 2 help files listed. Has the free trial ended? if i download the full express version does that have a free trial? firstname.lastname@example.org
hi was looking forward to downloading the 180 day trial version of ms sql server 2005. Signed up and everything. when it loaded the download page it only has the 2 help files listed. Has the free trial ended? if i download the full express version does that have a free trial?
I enabled the C2 Audit option for my SQL server and it is working allright. i am trying to figure out how can i configure the audit to run for specific databases/tables only. I have several databases on the server but I just want to audit one table in one database for PCI compliance rules. Any recommendations?
Good morning, Im having a little problem with this report I need to generate, so I thought I would ask for some advice. I have 2 tables. The 1st is the actual table and the 2nd is the log table (Employee; Employee_log). the '_log' table is an image of the Employee table except it has 4 extra fields (recID, last_updated_employee_id, operation and operation_date) recid being the PK of the log table. I need to generate a report that contains some thing like the following:
To do this, I compare the Employee table to the Employee_log table. If I find changes (the two columns do not equal), I add that columnName and the column value for the regular table(new_value) and the column value for the log table(old value). If anyone has a solution or some sql to help me out, it would be greatly appreciated. (A query that will give me each columnName with the value per row would help; Somehow possibly joining my Employee table with 'INFORMATION_SCHEMA.COLUMNS' ??) Thanks!
I wish to track changes made to a table, including login who made the change, time of change, etc, without having to change the existing table structure, stored procedures, application. If anyone has any strategies (with a brief explanation) or articles they could point me to, it would be very much appreciated.
My thinking is to set up a trigger to write both old and new data to a audit table but considering different strategies may be helpful.
I have tried to make my basic audit log do more, but i haven't gotten very far;
In my basic audit log, i record this information:
table type of change field modified old value new value db user date/time
This audit records everything, which is great, but it cannot relate information when i go back to analyze the changes; for example, when a "directory" record is added, a user's information may be entered into several different tables, such as:
name (different table) addresses (different table) phone numbers (different table)
If one wanted to look up the changes to addresses of a person in the directory based on the person's name, i could not do it with my existing audit log because the addresses would be in a different table than the name table and there is no relating data in the audit log to relate the address changes to a persons name;
What might be a solution? I have tried a few approaches and am at a loss;
does anyone know how i can audit a servers login id's and tell the last time it was used. i have just gain about 8 sql servers with a bunch of users that i know are no longer around. so i am trying to trim out dead id's
I am currently developing a system which uses SQL Server 7 as its repositry. One of the systems requirements is the ability to be able to record any changes made to the data, and by whom. In other words I need to store the before and after with a userid.
Is there away to track which user had deleted and object(table), the transaction log has that information but you can't read it and the error log doesn't log such info. Any advice would be appricated, thanks.
Have a scenario where we have to audit all our databases and servers for changes in security accross the servers.
We have a central montioring server where we pull SQL metadata at regular intervals. In this instance we are looking to have before and after snapshots of the SQL system tables.
For the logins this is fine as there is a last updated field in the syslogins table. We can tell when a new user has been added , remmoved or the login has changed ie the login as been added to sysadmin fixed server role... etc Perfect !!!
What Im trying to work out now is how I can do this for object level permsisions. Have looked at sysprotects but no joy. If a user or a role has been granted select or update on a table... How can I tell based on before and after snap shots of the system tables what permissons have changed and whom have they changed for...
Hi all, I would just like to ask whats the best way to make some audit on some of the tables in a MS SQL server, what i'm planning to have is to have a table which can contain all changes/inserts/deletion of some given tables, my first idea was to have this:
AuditTable that have the following fields: AuditID, TableName, FieldName, OldValue, NewValue, UpdateBy, UpdateDate
then in all the given tables, i'll have insert, update and delete trigger, the issue comes down to the trigger, what will be the best way to have that trigger written in a way that it can be use for other tables as well? say if a table have more then 20 fields, I don't want to declare 20 var and compare them 1 by1, and if there is a diff, then i insert to the audittable, I want something that it can loop and (if possible) be able to use by other table as well, so the field name etc can get from sysobjects, but then how can you code it in a way that it can do that?
Or is there any better way to get the same result? currently i have an audit table for each table i want to audit on and its just wasting space, any help will be great. Thanks,