Solved

SQL Server Auditing and Maintaing Logs

Posted on 2014-04-02
5
880 Views
Last Modified: 2014-04-07
Hi,

We are currently in process of building a large ERP solution and one of the requirement is to generate a report (We are using SSRS report Server) of who did what. Management wants a capability to be able to generate a report that could tell them x person created n records in Entity1, m records in Entity2 and so on.

So the most logical solution was to add a Log table for each entity and build a trigger for every Insert Update and Delete.

However, the same information can be extracted from the Transaction Logs as well. Atleast that is an idea I am working with. Can someone point me in the right direction here, as I have been entrusted to explore the possible solutions (Tools that can do that). The idea I am working on is that we should not be required to re-invent the wheel and there should be SQL Server tools that should be able to do that and much more.

Any help in this matter will be much appreciated and I understand, this is a subjective question but I will try my best to do the justice with most suitable response(s).

Thanks in Advance.
Amit
0
Comment
Question by:AmitJain001
  • 2
  • 2
5 Comments
 

Author Comment

by:AmitJain001
ID: 39974231
And I forgot to mention, points will also be awarded to the expert(s) for bringing out valid pros and cons of this approach, or advises a better approach.

Thanks,
Amit
0
 
LVL 28

Accepted Solution

by:
Ryan McCauley earned 500 total points
ID: 39976014
It looks like you're using SQL 2008 - have you checked into Change Data Capture (CDC)?

http://technet.microsoft.com/en-us/library/bb522489(v=sql.105).aspx

It's built to monitor tables for changes and write the details of those changes to a logging table that can later be queried for a summary report. This would be the easiest way I can think of to track table-by-table changes.

You could create triggers like you're suggesting, and that might be easy if all you care about is "this user inserted X records into table 1, updated Y records in table 2, and deleted Z records from table 3", but it will be difficult to track all the column-level changes via triggers (and what happens if you add new columns later). CDC would allow you to capture as much (or as little) detail as you want, and I think it would meet your needs.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 39978206
I agree about CDC.  A big problem with using a TRIGGER is that more than likely the user is not available to the TRIGGER.

One caveat with CDC is that it is Enterprise Edition only.
0
 
LVL 28

Expert Comment

by:Ryan McCauley
ID: 39979290
Good call - I didn't realize it was an Enterprise-only feature.

As Anthony mentions, whatever user is making the DML change will also need rights to the place the trigger is writing the data tracking entries. Maybe not a big deal, but something to consider.
0
 

Author Comment

by:AmitJain001
ID: 39982407
Thank You Guys. I was initially inclined towards using a Third Party Tool such as ApexSQL LOG or PowerBroker Database for extracting information from Transaction Log but it seems SQL Server 2008 R2 has simplified extracting information from Log files using CDC.

Will definitely explore more in this regard. Thanks Ryan, yours is the most valuable feedback and certainly gives me something to dive into.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
query execution hang 5 28
convert null in sql server 12 31
Find results from sql within a time span 11 29
sql 2008 how to table join 2 11
Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now