Setting up Service Broker to track user logins

  • I am looking for a Service Broker solution that can track who is logging into all my servers (66 last count). I do have a Central Management Server set up if that is an option. I need to track any user that logs into SQL using either an AD account that has sysadmin privileges or anyone who would log into one of my servers just using the SA account.

    I found a lot of links on setting up Service Broker, but nothing about tracking user logins.

    Any help would be great - link or otherwise.

    Thanks

  • Reading the post raises the question for me why you choose for ServiceBroker.

    I am much more inclined to suggest AuditTracing

    http://technet.microsoft.com/en-us/library/cc280386.aspx

  • Auditing would be much easier to set up, but way less secure.

    "Even when the Database Engine is writing to a file, other Windows users can read the audit file if they have permission. The Database Engine does not take an exclusive lock that prevents read operations."

    The issue I am having is that the systems administrators have complete control of the servers (not SQL) and all the log files the audit would write to can be modified. I didn't see anything about the audit being able to write to an internal table - is this an option?

    Service Broker is SQL internal which would be more secure and it can email alerts if I'm not mistaken. I didn't see that with auditing, but if it could then it could be an option.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply