Record activity of users

ybt
ybt used Ask the Experts™
on
Management wants to know what employees are doing if working remotely. I would like to track and store their activity while they are connected to our work server via remote access.

I need to track all user activity such as select, insert, update and delete and put it into a table in order to create a report.

The Database we use is Microsoft SQL Server 2012.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I have no answers because I am not a programmer but a few more facts would assist those who do ... what kind of database, version, etcetera?
Distinguished Expert 2017

Commented:
Is auditing part of the application your users use?
Are you talking about recording their keystrokes?

Remotely how, via VPN or on gaged into Remote Desktop applications?
Much depends on what you are looking for. Publish an application such that the remote user has a limit of they can do.

The application has to have auditing I.e. Medical, financial, etc. commonly gave auditing of which record a user accessed and when.
btanExec Consultant
Distinguished Expert 2018

Commented:
To track all user activities, you need to have an agent installed and act as a surveillance  services which user cannot disable or remove it without authorisation. Better to explore solution along the user activity monitoring aspect. One of which is ObserveIT. https://documentation.observeit.com/configuration_guide/user_recording_policy.htm
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

ybt

Author

Commented:
It can be a VPN or internal network. We need to be able to track it in SQL Server environment.
Exec Consultant
Distinguished Expert 2018
Commented:
Endpoint level - deploy UAM agent and turn on the system level OS tracking

Network level - deploy Privileged Access Management system that proxied all the remote administrative activity and also any on demand access based on need to explicit workflow approval

Database level - deploy database activity monitoring agent that will track all the DB queries and send log for alerts and escalation

User level - managed central Identity store of all the users, contractors and administrators so that activity of accounts are constantly tracked

Central monitoring - managed via SIEMS with all the log aggregated and correlated on rules to trigger anomalies on activity

I see above as a collective efforts to piece out the user activities end to end. Audit log would be critical as all these layers act as a form detection sensors for response.
ybt

Author

Commented:
Thank you very much for detailed explanation

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial