AuditDatabase.com
home Tools Blog FAQ Downloads About Us
Site News
4 May 2008

Working on SQL Server 2008 Triggers
23 January 2008

FAQ page - New questions
14 March 2007

Blog support RSS subscriptions


Last Web Tool Updates
1 Nov 2008

ANSI SQL NUMERIC data type supported in create table script
16 March 2008

SQL Server 2005 triggers code optimizations
16 January 2007

Audit IP address and Application Name using stored procedure helper

FAQ


Are IP Address and Application Name audited in SQL Server?

By Design, SQL Server triggers cannot access this information. Therefore auditdatabase.com developed a helper stored procedure named "AuditDatabase_SetSessionInfo" that applications can call to achieve that. When this stored procedure is called, the IP Address and Application Name are saved at current session level. Later, audit triggers use this session information to associate IP Address and Application Name to every audited operation that occurs at current session.

What's the difference between "Auditable" and "Registrable" columns?

Auditable columns are those that fires the generation of audit information. Registrable columns do not generate audit information by themselves. But in the case audit information is generated, the values of every registrable column of the table is saved into audit tables.
In other words, when an update sentence affects an auditable column,
Audit Information is generated for the auditable column as well as for each one of the registrable columns of the table. In contrast, in the case that an update sentence affects only registrable columns (none of the affected columns is auditable), audit information is not generated.

For example, suppose a table named "Invoice" which has “Total” auditable column and "CustomerId" registrable column and consider the following sentences:
a) update Invoice set Total=100 where InvoiceId=3455
b) update Invoice set CustomerId='JSMITH' where InvoiceId=3455

Sentence a) generates audit information for the columns "Total" and "CustomerId".
Sentence b) doesn't generate audit information.

Is it possible to integrate the audit of intrinsic operations of my application (For example: Transfer funds, Block customer account, Change Quote, etc.) with the traditional data changes audit of auditdatabase triggers?

Yes. Auditdatabase.com provides the “AuditDatabase_LogApplicationOperation” stored procedure that allows storing audit information from application operations IN THE SAME AUDIT STRUCTURES that audit triggers use. Later, this information can be queried through the “Auditdatabase Query Tool” (The same tool that’s used to consult data changes information)
An example of how the applications can call to this stored procedure is listed here:

DECLARE @ApplicationOperation varchar(10)
DECLARE @ApplicationOperationInfo varchar(100)
set @ApplicationOperation = 'LOAN'
set @ApplicationOperationInfo = 'Customer 4555, Loan enabled - the customer have excellent pay history'
EXEC AuditDatabase_LogApplicationOperation @ApplicationOperation, @ApplicationOperationInfo
Last Site Update: 1 Nov 2008
© 2006 AuditDatabase. Designed By Lee J. Moore