asked on
SQL Server 'SA' account successful logon Alert
Hi Experts,
I want to capture 'SA' account successful logon alone , i need to send an email alert to security team.When anyone logged in using 'SA' account. We have SQL Server audit feature to achieve this . it captures all successful logins in security log. But i need only 'SA' user account successful audit information. Please provide your tips.
Thanks in Advance,
Sreenivasa
I want to capture 'SA' account successful logon alone , i need to send an email alert to security team.When anyone logged in using 'SA' account. We have SQL Server audit feature to achieve this . it captures all successful logins in security log. But i need only 'SA' user account successful audit information. Please provide your tips.
Thanks in Advance,
Sreenivasa
Microsoft SQL ServerMicrosoft SQL Server 2008
Last Comment
tschary
ASKER
Hi Vitor,
It is working fine. I have modified the below email send line to inserting data into a temp table for testing purpose. It is working fine. But for single 'sa' login (using SQL Server Authentication mode) it inserting three records in the table instead one single record. Please suggest me on this.
--EXEC msdb.dbo.sp_send_dbmail @recipients = 'SecurityTeam@company.com'
INSERT INTO [tempdb].[dbo].[TestSA]([V
It is working fine. I have modified the below email send line to inserting data into a temp table for testing purpose. It is working fine. But for single 'sa' login (using SQL Server Authentication mode) it inserting three records in the table instead one single record. Please suggest me on this.
--EXEC msdb.dbo.sp_send_dbmail @recipients = 'SecurityTeam@company.com'
INSERT INTO [tempdb].[dbo].[TestSA]([V
Strange.
How are you logging in?
How are you logging in?
ASKER
Hi vitor,
I have tried with email profile account as well, it is sending 3-5 mails when i login through SA account. I am logging via SQL Server authentication mode . User name: sa, passowrd: xxxxxxx.Please find my code and review.
CREATE TRIGGER [testSA]
ON ALL SERVER
FOR LOGON
AS
BEGIN
IF ORIGINAL_LOGIN()= 'sa'
EXEC msdb.dbo.sp_send_dbmail @profile_name='testProfile
@recipients='xyz@abc.com',
@body='SA log on occured in the server '
END;
I have tried with email profile account as well, it is sending 3-5 mails when i login through SA account. I am logging via SQL Server authentication mode . User name: sa, passowrd: xxxxxxx.Please find my code and review.
CREATE TRIGGER [testSA]
ON ALL SERVER
FOR LOGON
AS
BEGIN
IF ORIGINAL_LOGIN()= 'sa'
EXEC msdb.dbo.sp_send_dbmail @profile_name='testProfile
@recipients='xyz@abc.com',
@body='SA log on occured in the server '
END;
Sorry, I wasn't clear. What I meant is if you're logging in through an application or just SSMS?
I made some tests and looks like the logon trigger is fired many time when it SSMS. You just need to open some folders under the instance name and you get the trigger fired.
I made some tests and looks like the logon trigger is fired many time when it SSMS. You just need to open some folders under the instance name and you get the trigger fired.
ASKER
Hi Vitor,
Yes. I am trying through SSMS and not from an application. I can see trigger under server objects folder.
Yes. I am trying through SSMS and not from an application. I can see trigger under server objects folder.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks for the solution
Open in new window