Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Who's been selecting data from my table?!

Status
Not open for further replies.
RupertGiles

RupertGiles

IS-IT--Management
Feb 28, 2005
9
GB
Hi,
Long time since I've been reading much here!

What I need to do is to audit not changes but access.

Ideally would like to do it for just one table (that has more sensitive data), of course I could log all logins and attempts. I figured my way would be better for
- performance, less writes
- easier for me to keep an eye on, as we will only be recording a small proportion of transactions.


Anyway look forward to any views/ideas, thanks

Giles
 
Sort by date Sort by votes
If you are using SQL Server 2005 or lower then pretty much your only option will be to setup a SQL Trace that runs automatically and have it log to a file on the SQL Server. Setup filters and objects correctly to log access to the table.

If you are using SQL Server 2008 then you can use the native auditing which comes with it which will log access to the table to files which you can then load into tables in a data warehouse.

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2008 Implementation and Maintenance / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Admin (SQL 2005/2008) / Database Dev (SQL 2005)

My Blog
 
Upvote 0 Downvote
Sorry I'm stuck on 2k at the moment, forgot to mention it!
 
Upvote 0 Downvote
There is no way to set a trigger to audit a select - so...
If the data is that sensitive, then deny direct select on the table. Then only allow access to the table via stored procedures - as part of the sproc, you can write audit info to an audit table, including trapping the login ID that accessed it.
 
Upvote 0 Downvote
That won't do anything for auditing what people who are members of the sysadmin fixed server role or db_owner fixed database role are doing which is usually required for an audit. Especially since SQL Tables can be edited by the DBA.

I'm assuming you are dealing with this for SOX, HIPPA, etc?

Setup SQL Profiler and script out the trace. Setup a procedure with the output of that so that the trace starts when SQL Starts.

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2008 Implementation and Maintenance / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Admin (SQL 2005/2008) / Database Dev (SQL 2005)

My Blog
 
Upvote 0 Downvote
Hi Mr Denny,
This is required for the PCI DSS. It's a table that is storing some card details.

As far as my interpretation is, I need to be able to show who has accessed this table.

Thanks again
 
Upvote 0 Downvote
Then SQL Profiler will be your best option.

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2008 Implementation and Maintenance / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Admin (SQL 2005/2008) / Database Dev (SQL 2005)

My Blog
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

grnzbra
  • Locked
  • Question
Get Excel Data > 255 Characters
Replies
3
Views
224
grnzbra
grnzbra
baran121
  • Locked
  • Question
take a database from system databse place
Replies
2
Views
198
iambob
iambob
CodeWell
  • Locked
  • Question
SQL Server 2017 Install Issue - Database Not in Configuration Manager
Replies
0
Views
241
CodeWell
CodeWell
RRinTetons
  • Locked
  • Question
Logging into a database using SSMS from non-domain machine
Replies
1
Views
217
fredericofonseca
fredericofonseca
Triacona
  • Locked
  • Question
How to broadcast data from a SQL server to an IP an Port 2
Replies
5
Views
176
fisheromacse
fisheromacse

Part and Inventory Search

Sponsor

Back
Top