Re: SQL logins logged where

From: SQL Server Development Team [MSFT] (sqldev@microsoft.com)
Date: 04/01/03 

From: "SQL Server Development Team [MSFT]" <sqldev@microsoft.com>
Date: Tue, 1 Apr 2003 10:58:49 -0800

There's a very helpful introduction to SQL 2000 auditing here:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
prodtech/dbsql/sql2kaud.asp

Willis Johnson
SQL Server 

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm.
"Sue Hoegemeier" <Sue_H@nomail.please> wrote in message
news:7htq1vomkpoef86co7m5mbv5uho1u1jmje@4ax.com...
> You can create server traces using extended stored procedure
> but the options for trace destinations depends on what
> version of SQL Server you are using. If it's SQL Server
> 2000, you can't trace directly to a table but can use the
> fn_trace_gettable function to load the trace file into a
> table. If you are using SQL Server 7, use
> xp_trace_setqueuedestination to set the destination to a
> table.
>
> -Sue
>
> On Wed, 8 Jan 2003 10:22:21 -0800, "GS"
> <Gennadiy.Sayenko@med.nyu.edu> wrote:
>
> >I read that Profiler does not have to run in order to SQL
> >Trace to capture logins and other events. But how do i
> >configure it so it would capture specified events and
> >write it to the table? Security Tab does not give too many
> >options.
> >Thanks
> >>-----Original Message-----
> >>Enable SQL Server auditing for successfull and failed
> >logins.
> >>Right click on the server in Enterprise Manager,
> >Properties, Security Tab,
> >>Select audit for successfull & failed logins (All).
> >>Restart SQL Server.
> >>Review the NT Application Event log and/or SQL Server
> >Errorlog.
> >>or
> >>Setup a machine to run profiler & dump the results to a
> >table.  Add the
> >>security event under Security Audit for Login Failed.
> >>Review your audit tables as needed.
> >>
> >>Thanks,
> >>
> >>Kevin McDonnell
> >>Microsoft SQL Server
> >>
> >>This posting is provided AS IS with no warranties, and
> >confers no rights.
> >>
> >>Are you secure? For information about the Microsoft
> >Strategic Technology
> >>Protection Program and to order your FREE Security Tool
> >Kit, please visit
> >>http://www.microsoft.com/security.
> >>
> >>
> >>.
> >>
>

Relevant Pages

  • Re: Microsoft Informational Alert
    ... > PSS Security Response Team Alert - SQL Security Recommendations ... > PRODUCTS AFFECTED: SQL Server ... Secure your SA login account with a non-NULL password. ...
    (microsoft.public.security)
  • Re: User and Login auditing
    ... I am running SQL 7. ... You could put triggers on your trace table. ... How to Trace in SQL Server by Using Extended Stored ...
    (microsoft.public.sqlserver.security)
  • Re: Tracking user activities
    ... >> I'd like these settings to persist permanently and the event records to ... > In SQL 2000, this is not very simple to do. ... > Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx ... select Script Trace. ...
    (comp.databases.ms-sqlserver)
  • Maximum Number of Database Users and Roles
    ... of security accounts for sql server is 16379 ... I have a web site that I had/have to change the security model for which was ... originally setup using a Windows Domain Group and users to access our sql ...
    (microsoft.public.inetserver.asp.db)
  • Maximum Number of Database Users and Roles
    ... of security accounts for sql server is 16379 ... I have a web site that I had/have to change the security model for which was ... originally setup using a Windows Domain Group and users to access our sql ...
    (microsoft.public.sqlserver.server)