December 11, 2006 at 9:25 am
Does anyone know of any way to audit the execution of DBCC commands WITHOUT creating a trace? What I would like to see is every DBCC command executed on a server showing up in the event log, regardless of who executes it.
So far, I've read that you can either start C2 auditing or create a trace on event 116. I do not want to start C2 auditing and if I create a trace, it will be written to a file on the server (which is not acceptable).
Anyone else doing this?
EdM
December 11, 2006 at 4:19 pm
The C2 auditing is really a trace, so I can sympathize with you there. Some of the DBCC commands are automatically audited to the SQL Server event log. Is there a particular set of DBCC commands you're interested in auditing?
K. Brian Kelley
@kbriankelley
December 11, 2006 at 5:12 pm
I see most of the documented dbcc writes the info to sql error log but most of un-documented dbcc not...
If you can spend money for this check for third party tools..
MohammedU
Microsoft SQL Server MVP
December 11, 2006 at 5:46 pm
True, but in most cases they are running a trace behind the scenes. If they aren't. they are likely putting shims in place (some tools do this to try and stop SQL Injection attacks, for instance).
K. Brian Kelley
@kbriankelley
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply