Re: Audit trail for web application

From: bradley (someone_at_microsoft.com)
Date: 06/21/05 

Date: Tue, 21 Jun 2005 08:41:51 -0400

This is more of a SQL Server question than an ASP.NET question. The problem
with implenting auditing at the application level or using table triggers is
that it is very programming intensive and difficult to cover every point of
database entry. Every time the data model changes, you would need to go back
and revise the audit programming. Go to MSDN and read up on SQL Server
Profiler. It can trap various events and output the log to a SQL Server
table. There are also 3rd party database auditing tools that should do
exactly what you need.

"Parag" <parag_kulkarni@persistent.co.in> wrote in message
news:OR4rFsidFHA.1456@TK2MSFTNGP15.phx.gbl...
> Hello,
> I have been assigned the task to design the audit trail for the ASP.NET
web
> application. I don't know what the best practices for such audit trails
are.
> Our application one dedicated user name and password to perform the
database
> operations. I need to capture all the operations which are performed on
the
> database. Also I need to able to capture the operations which directly
> performed on the backend directly using the tools like enterprise manager,
> query analyzer, etc. And also the data for the action should be captured
in
> some set of tables, but not in the form of BLOB, so that if the admin want
> to know what are the various things the user did during the particular
> session then that should be reproduced in the form of report. Does any
> anybody have any idea of how to do such task? Any tips will be helpful.
>
> I am trying one approach with the help of triggers. But the problem with
> this approach is that I am not able to store all the information need to
> reproduce the same output if I try to generate report for the particular
> session.
>
>
>
> Thanks and Regards,
> Parag Kulkarni,
> India
> Email parag_kulkarni@persistent.co.in
>
>
>

Relevant Pages

  • Write conflict error after adding trigger to table
    ... I have inherited an Access adp that directly connects to SQL Server. ... that database. ... stored proc in the database window instead of through the form, ... is preventing me from rolling these triggers to production where other apps ...
    (microsoft.public.access.adp.sqlserver)
  • Re: Identify users logged thru browser
    ... I have set up the triggers on each table successfully. ... id used to actually access the database. ... >If you manage session state using a SQL table then you can ... >as far as sql server is concerned they are all the same. ...
    (microsoft.public.sqlserver.security)
  • Re: Triggers reverting
    ... If the database you mention contains the Triggers which reverted, ... without loss of data by restoring all of the transaction logs...This means ... Wayne Snyder, MCDBA, SQL Server MVP ... a production change was made in our SQL Server database. ...
    (microsoft.public.sqlserver.server)
  • Re: Database access
    ... Triggers cannot be created on ANY system table, ... >> SQL Server will not store this information into any tables. ... >> to get the last access date and time for the database. ... >>> Is there any way to query SQL Server to see the last time a given ...
    (microsoft.public.sqlserver.server)
  • Re: MS Access DAO -> ADO.NET Migration
    ... William Vaughn ... Microsoft MVP ... Hitchhiker's Guide to Visual Studio and SQL Server ... My migration app works building a SSCE database file with imported data ...
    (microsoft.public.dotnet.framework.adonet)