Monday, October 12, 2009

Trigger to monitor the entire database server


Please find this trigger script to monitor the entire database activities and to log its records into audit tables.
It will work on Sql Server 2008.
 
USE [master]
 -------Create table -------------------------
-- DROP TABLE AuditTrigger
 CREATE TABLE [dbo].[AuditTrigger](
 [OID] [bigint] IDENTITY(1,1) NOT NULL,
 [Details] [varchar](max) NULL,
 [Host] [varchar](20) NULL
)
GO
 -----Create proc to insert into AuditTrigger table
 IF EXISTS(SELECT 1 FROM sysobjects where name = 'PInsertAuditTrigger')
 BEGIN
 DROP PROCEDURE PInsertAuditTrigger
 END
GO
CREATE PROC PInsertAuditTrigger(@Details varchar(max),@hostname VARCHAR(MAX))
 AS
BEGIN
 INSERT INTO master.dbo.AuditTrigger(DETAILS,HOST) SELECT @DETAILS,@HOSTNAME
 END
 -------- Trigger to monitor tables
 GO
CREATE TRIGGER [Table_Trigger]
 ON ALL SERVER
FOR create_table,alter_table,drop_table
 AS
BEGIN
 print 'Create/Alter table is not allowed - '+host_name()
 rollback;
 DECLARE @host_name varchar(max),@Details varchar(max)
 SELECT @host_name = Host_name(),@Details = 'Create/Alter table'
 exec dbo.PInsertAuditTrigger @Details,@host_name
END
 -------- Trigger to monitor procedures
 GO
CREATE TRIGGER [Proc_Trigger]
 ON ALL SERVER
FOR create_procedure,alter_procedure,drop_procedure
 AS
BEGIN
 print 'Create/Alter procedure is not allowed - '+host_name()
 rollback;
 DECLARE @host_name varchar(max),@Details varchar(max)
 SELECT @host_name = Host_name(),@Details = 'Create/Alter procedure'
 exec dbo.PInsertAuditTrigger @Details,@host_name
END
 -------- Trigger to monitor login,roles and database
 GO
CREATE TRIGGER [Misc_Trigger]
 ON ALL SERVER
FOR Create_role,drop_role,alter_role,create_database,drop_database,alter_database,create_view,alter_view,drop_view,create_login,drop_login
 AS
BEGIN
 print 'Illegal operation is not allowed - '+host_name()
 rollback;
 DECLARE @host_name varchar(max),@Details varchar(max)
 SELECT @host_name = Host_name(),@Details = 'Illegal operation'
 exec dbo.PInsertAuditTrigger @Details,@host_name
END
GO
Posted by Renju at 12:22 PM
Labels: ,

1 comments:

Anonymous said...

Can anyone recommend the well-priced Remote Management & Monitoring software for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: [url=http://www.n-able.com] N-able N-central desktop support
[/url] ? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!

December 15, 2009 at 10:36 PM

Post a Comment

Subscribe to: Post Comments (Atom)