Re: SQL SOX auditing and logging



Thank you Erland,

I know what you mean...I think I will have to look for a 3rd party logging
tool like log explorer or ecora, so SOX people can control what they want.
At the same time, they could cause performance lag to the database.
Have you done SOX for SQL?

"Erland Sommarskog" <esquel@xxxxxxxxxxxxx> wrote in message
news:Xns98D0F33007CAFYazorman@xxxxxxxxxxxx
SQL apprentice (mssqlworld@xxxxxxxxx) writes:
We are currently being audited for SOX compliance. The auditor wants us
to create a log that captures all the activities from the DBA in the SA
role. Is there an easy way to generate logs for this audit that can be
written to the system event logs or flat file?
We can cause any performance delays on the SQL server...So I think
profiler might be too much for 24/7/365 logging.

Yes, but there is no reason to use Profiler. You can set up a server-
side trace instead.

But of course, as soon as you tell the auditor that the DBA can stop the
trace whenever he wishes, the auditor will not accept that log anyway.

And, while you can filter a trace for a loginname as "sa", I don't think
you can filter "capture anyone with sysadmin privs". If the DBA wants to
be unlogged, he can create an account which has sysadmin privs, and
work from that when he wants to be private.




--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
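
The server-side trace discussed in this thread, as an added example that is not part of the original posts: it traces completed batches and RPC calls for the login "sa", then runs the two review queries that expose the gaps Erland points out (other sysadmin members are not covered, and the trace can be stopped). The output path is a placeholder and the choice of events and columns is an assumption.

```sql
-- Added example (T-SQL, SQL Server 2005 syntax); not from the original thread.
DECLARE @TraceID int, @maxsize bigint, @on bit;
SET @maxsize = 100;   -- MB per trace file before rollover
SET @on = 1;

-- Option 2 = TRACE_FILE_ROLLOVER. Placeholder path; SQL Server appends .trc.
EXEC sp_trace_create @TraceID OUTPUT, 2, N'D:\AuditTrace\sa_activity', @maxsize, NULL;

-- Event 12 = SQL:BatchCompleted
-- Columns: 1 TextData, 8 HostName, 10 ApplicationName, 11 LoginName, 14 StartTime
EXEC sp_trace_setevent @TraceID, 12, 1,  @on;
EXEC sp_trace_setevent @TraceID, 12, 8,  @on;
EXEC sp_trace_setevent @TraceID, 12, 10, @on;
EXEC sp_trace_setevent @TraceID, 12, 11, @on;
EXEC sp_trace_setevent @TraceID, 12, 14, @on;

-- Event 10 = RPC:Completed, same columns
EXEC sp_trace_setevent @TraceID, 10, 1,  @on;
EXEC sp_trace_setevent @TraceID, 10, 8,  @on;
EXEC sp_trace_setevent @TraceID, 10, 10, @on;
EXEC sp_trace_setevent @TraceID, 10, 11, @on;
EXEC sp_trace_setevent @TraceID, 10, 14, @on;

-- Filter: column 11 (LoginName), logical operator 0 (AND), comparison 6 (LIKE).
-- No wildcard, so only the login named exactly "sa" is captured.
EXEC sp_trace_setfilter @TraceID, 11, 0, 6, N'sa';

EXEC sp_trace_setstatus @TraceID, 1;   -- 1 = start the trace

-- Review query 1: every member of sysadmin. Any login listed here other
-- than "sa" has the same privileges but is NOT captured by the filter above.
SELECT p.name, p.type_desc, p.create_date
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS p ON p.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin';

-- Review query 2: state of all traces on the instance. status = 0 means
-- stopped; a missing row for the audit trace means it was closed and deleted.
SELECT id, status, path, start_time, stop_time
FROM sys.traces;
```

Both review queries run on the same server the DBA controls, so their results only carry weight for an audit if they are collected by someone outside the sysadmin role.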