?
Solved

SQL Server Auditing

Posted on 2012-03-30
1
Medium Priority
?
202 Views
Last Modified: 2012-04-09
Currently Running SQL Server 2008R2
I have a few production Databases
I need to set up auditing to track all changes to these servers and all databases on these servers.
For Example Altered Procedures or dropped indexes or changed passwords plus all other major changes
I need to make sure that it is lightweight since I do not want our production environment to suffer. What type of audit can I set up which is not too taxing on the system?
Or will auditing always have a negative impact on the production environment?
0
Comment
Question by:VitaminD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 25

Accepted Solution

by:
jogos earned 1500 total points
ID: 37790068
Best way is to limit permissions to only a few. Channel the db-changes so they get 'authored' before applied. And so you also can have the possibility to get your db-changes in version control.  You must restore db of last week, no problem and you still have the scripts to do the db-changes which were done since then.

Then you still can 'audit' with DDL-triggers, they don't bother normal usage of your database
See at
http://msdn.microsoft.com/en-us/library/bb522542.aspx
http://msdn.microsoft.com/en-us/library/bb522542.aspx 
http://www.mssqltips.com/sqlservertip/2085/sql-server-ddl-triggers-to-track-all-database-changes/

Or 'Auditing'
http://www.appsecinc.com/presentations/Security_Auditing_MSSQL.pdf
http://msdn.microsoft.com/en-us/library/cc280386(v=sql.105).aspx
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to add a user-defined command button to the Windows 7 Explorer toolbar.  In the previous article (http://www.experts-exchange.com/A_2172.html), we saw how to put the Delete button back there where it belongs.  "Delete" is …
This article describes a technique for converting RTF (Rich Text Format) data to HTML and provides C++ source that does it all in just a few lines of code. Although RTF is coming to be considered a "legacy" format, it is still in common use... po…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question