Re: Audit trail for web application

From: bradley (someone_at_microsoft.com)
Date: 06/21/05 

Date: Tue, 21 Jun 2005 08:41:51 -0400

This is more of a SQL Server question than an ASP.NET question. The problem
with implenting auditing at the application level or using table triggers is
that it is very programming intensive and difficult to cover every point of
database entry. Every time the data model changes, you would need to go back
and revise the audit programming. Go to MSDN and read up on SQL Server
Profiler. It can trap various events and output the log to a SQL Server
table. There are also 3rd party database auditing tools that should do
exactly what you need.

"Parag" <parag_kulkarni@persistent.co.in> wrote in message
news:OR4rFsidFHA.1456@TK2MSFTNGP15.phx.gbl...
> Hello,
> I have been assigned the task to design the audit trail for the ASP.NET
web
> application. I don't know what the best practices for such audit trails
are.
> Our application one dedicated user name and password to perform the
database
> operations. I need to capture all the operations which are performed on
the
> database. Also I need to able to capture the operations which directly
> performed on the backend directly using the tools like enterprise manager,
> query analyzer, etc. And also the data for the action should be captured
in
> some set of tables, but not in the form of BLOB, so that if the admin want
> to know what are the various things the user did during the particular
> session then that should be reproduced in the form of report. Does any
> anybody have any idea of how to do such task? Any tips will be helpful.
>
> I am trying one approach with the help of triggers. But the problem with
> this approach is that I am not able to store all the information need to
> reproduce the same output if I try to generate report for the particular
> session.
>
>
>
> Thanks and Regards,
> Parag Kulkarni,
> India
> Email parag_kulkarni@persistent.co.in
>
>
>

Relevant Pages

  • Re: SQL Server Express versus Access (In the World Series of Love)
    ... If your need involve a form, then triggers are not an appropriate tool: ... after a change in the database. ... OF triggers to achieve the same, say, over view, so, advantage to Jet. ... MS SQL Server may have a horse shoe maker right out of the box, ...
    (microsoft.public.access.modulesdaovba)
  • Write conflict error after adding trigger to table
    ... I have inherited an Access adp that directly connects to SQL Server. ... that database. ... stored proc in the database window instead of through the form, ... is preventing me from rolling these triggers to production where other apps ...
    (microsoft.public.access.adp.sqlserver)
  • Re: Identify users logged thru browser
    ... I have set up the triggers on each table successfully. ... id used to actually access the database. ... >If you manage session state using a SQL table then you can ... >as far as sql server is concerned they are all the same. ...
    (microsoft.public.sqlserver.security)
  • Re: Triggers reverting
    ... If the database you mention contains the Triggers which reverted, ... without loss of data by restoring all of the transaction logs...This means ... Wayne Snyder, MCDBA, SQL Server MVP ... a production change was made in our SQL Server database. ...
    (microsoft.public.sqlserver.server)
  • Generating PL/SQL Script from table
    ... Sorry to keep asking SQL Server to Oracle questions... ... Within SQL Server, once I create a database, related tables, triggers, ... I can automatically generate SQL scripts (through the Enterprise ...
    (comp.databases.oracle.server)