December 9, 2003 at 1:54 pm
Hello All,
I am trying to detect any unauthorized attempts via either Web or QA.
I've been using alerts many times before, but here I got stuck a bit.
Which Error should I pick out of 18450-18461(?!) for QA/Web?
Would it be the same Error or different?
What Auditing Level should I set for my servr (if any?)
What Else?
Can someone provide a good flow on that.
What is important that I need response right away.
There is a good article thru using running jobs:
http://www.databasejournal.com/features/mssql/print.php/2243271
TIA
ad
December 12, 2003 at 8:00 am
This was removed by the editor as SPAM
December 15, 2003 at 10:39 am
I am using Alerts with Errors 18450, 18452, 18456 on SQL 2K/NT 4.0 Server.
On the same computer I am logging with SQL Authentication using non-existing SQL accounts.
Alerts are NOT fired!!!???
Yes, Login attempts are logged and could be seen in Events viewer and in SQL Server Error Log.
I can run a job (every 15-30 minutes) querying SQL Server Error Log and based on entries there issue a NET Send or other commands.
But I need to get an immediate response, which was not happened.
I was using All available Audit Level and non of the above worked.
Also is there a better way to get immediate response on unauthorized access using generic SQl Server tools.
Thank you
ad
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply