March 23, 2010 at 12:02 am
Comments posted to this topic are about the item Reverse Engineering a Server Side Trace
Lowell
March 23, 2010 at 1:08 am
Excellent topic and excellent article.
Thanks Lowell. This is very useful stuff to have in the tool-belt.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
March 23, 2010 at 3:04 am
Great article, this will be very useful.
I spotted a typo on line 65 of your stored proc:
from ::fn_trace_geteventinfo(1) AS X
...should be:
from ::fn_trace_geteventinfo(@traceid) AS X
Cheers
Chris
March 23, 2010 at 6:11 am
Thank you for the salute Jason and Thanks for identifying the fix, Chris;
Something that might escape some folks is did you know that C2 auditing is just another version of a trace?
a lot of people think it's one of those black box/magical complex things only super dba's know, and it's all requirement for SOX compliance.
fortunately, a trace is a trace...it's just 1100 lines of events it is going to capture, compared to ~770 for the default trace.
As an example, here are a couple of traces I ran off of my SLQ2008 server; one is the trace created by C2 Auditing, and the other is one created from the default trace.
I just love looking at the details i guess.
To do it yourself, it really easy to enable the C2 Auditing to test this: it's in the SSMS, you simply right click on your server, select properties, and there is a check box on the security tab.
The C2 Audit requires a start and stop of the SQL Server to get it in place, and it becomes traceid 1, with the default trace = traceid 2; I had really grown accustomed to the default trace being traceid = 1, so it was another thing to learn on this one that it could move around.
here is a link to download the version whitht he correction that Chris identified:
Lowell
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply