April 6, 2006 at 1:12 pm
Comments posted to this topic are about the content posted at http://www.sqlservercentral.com/columnists/FVandeputte/sqlserver2005logontriggers.asp
April 17, 2006 at 8:56 am
This is a good article!
Question: the stored procedure LogginProc is doing the endless loop waiting for the logon event description to be queued and when it finds one it pulls the information from the queue. Is it really a trigger? I can do the similar thing with the traces. You just set up a server-side trace with logging to the trace file. Than the logon events will be logged to the trace file. Then you can select from the trace file into any table or you may select to keep this info in the trace file because you can query it too by fn_trace_gettable. I do understand that we will have to wait until trace file rolls over to get the information but it will be logged anyway.
But in general, this article is a very good and easy to understand example on how to use the Service Broker.
Regards,Yelena Varsha
April 18, 2006 at 11:24 am
Yelena,
You are right, you can get the same results by running a trace and saving it to a table. However I think event notifications are more robust and more flexible.
I named the article SQL Server Logon triggers, refering to Oracle. But on SQL Server they are not really triggers.
Kind regards,
Frederik
July 26, 2006 at 12:22 pm
but how to you disable unwanted logon like determine who from which workstation using which program. service broker will not kill the other one right?
November 14, 2006 at 7:00 am
Alan,
SQL Server 2005 SP2 CTP was released last week. MS added logon triggers. This will help you with problem.
See my follow up post on my blog
http://www.vandeputte.org/2006/11/sql-server-logon-triggers-part-2.html
March 19, 2008 at 4:03 pm
Can you please upload the scripts again. I can't find them under the URL you have listed.
thanks
February 27, 2009 at 1:20 am
Thanks for your offer this article.
I met some errors after running your scripts; ERRORLOG memessageike this...
...
2009-02-27 17:07:35.01 spid14s Error: 9644, Severity: 16, State: 14.
2009-02-27 17:07:35.01 spid14s An error occurred in the service broker message dispatcher, Error: 15517 State: 1.
and I could resolve this problem for below code,
ALTER AUTHORIZATION ON DATABASE::[My_DB_Name] TO [SA];
It works fine. I like it. 🙂
April 14, 2009 at 4:15 am
Hi,
Did you implement this logon trigger in a production heavy environment ?
I am asking this because i read few articles about big problems with logon triggers in heavy environments, sql instances crushes few times.
March 4, 2010 at 1:46 pm
I implemented the event notification fo rlogin as in Frederick's article.
It work fine.
Now I want to only insert rows for certain loginname's.
I made another stored procedure with an IF statement in the stored proc that only inserts if the loginname is not in a list that I provide. If it is, I roll back and break.
I alter queue with status = off for the old stored proc, then alter queue with status = on fo rthe new proc.
What happens is I get one row that stays in the queue when I let someone log in that should be INSERTED into the table and no further INSERTS occur.
This is the new stored proc:
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[proc_log_user_logins_new]
AS
SET NOCOUNT ON;
DECLARE @message_body XML,
@message_type_name NVARCHAR(256),
@dialog UNIQUEIDENTIFIER ;
--Endless loop
WHILE (1 = 1)
BEGIN
BEGIN TRANSACTION ;
-- Receive the next available message
WAITFOR (
RECEIVE TOP(1)
@message_type_name=message_type_name,
@message_body=message_body,
@dialog = conversation_handle
FROM log_user_logins_queue
), TIMEOUT 2000
--Rollback and exit if no messages were found
IF (@@ROWCOUNT = 0)
BEGIN
ROLLBACK TRANSACTION ;
BREAK ;
END ;
--End conversation of end dialog message
IF (@message_type_name = 'http://schemas.microsoft.com/SQL/ServiceBroker/EndDialog')
BEGIN
PRINT 'End Dialog received for dialog # ' + cast(@dialog as nvarchar(40)) ;
END CONVERSATION @dialog ;
END ;
ELSE
IF CAST(@message_body.query('/EVENT_INSTANCE/LoginName/text()') AS VARCHAR(100))
NOT IN ('m58467','ITSERVICES\M10077','patrol_ssuser','patrol_ssadmin')
BEGIN
ROLLBACK TRANSACTION ;
BREAK ;
END ;
BEGIN
INSERT INTO log_user_logins (
EventTime,
EventType,
LoginName,
HostName,
NTUserName,
NTDomainName,
Success,
FullLog)
VALUES
(
CAST(CAST(@message_body.query('/EVENT_INSTANCE/PostTime/text()') AS VARCHAR(64)) AS DATETIME),
CAST(@message_body.query('/EVENT_INSTANCE/EventType/text()') AS VARCHAR(100)),
CAST(@message_body.query('/EVENT_INSTANCE/LoginName/text()') AS VARCHAR(100)),
CAST(@message_body.query('/EVENT_INSTANCE/HostName/text()') AS VARCHAR(100)),
CAST(@message_body.query('/EVENT_INSTANCE/NTUserName/text()') AS VARCHAR(100)),
CAST(@message_body.query('/EVENT_INSTANCE/NTDomainName/text()') AS VARCHAR(100)),
CAST(CAST(@message_body.query('/EVENT_INSTANCE/Success/text()') AS VARCHAR(64)) AS INTEGER),
@message_body)
END
COMMIT TRANSACTION
END
Any help would be greatly appreciated.
I am not sure how to properly code rows I receive , but do not want to insert or keep them in the queue.
The row in the queue:
select * from log_user_logins_queue
1013D19B6C5A-C927-DF11-9A25-001A64C552F2D29B6C5A-C927-DF11-9A25-001A64C552F26log_user_logins_service65539http://schemas.microsoft.com/SQL/Notifications/PostEventNotification2http://schemas.microsoft.com/SQL/Notifications/EventNotification4X0xFFFE3C004500560045004E0054005F0049004E005300540041004E00430045003E003C004500760065006E00740054007900700065003E00410055004400490054005F004C004F00470049004E003C002F004500760065006E00740054007900700065003E003C0050006F0073007400540069006D0065003E0032003000310030002D00300033002D00300034005400310032003A00330032003A00310032002E003100380030003C002F0050006F0073007400540069006D0065003E003C0053005000490044003E00360032003C002F0053005000490044003E003C00540065007800740044006100740061003E002D002D0020006E006500740077006F0072006B002000700072006F0074006F0063006F006C003A0020005400430050002F0049005000260023007800300044003B000A007300650074002000710075006F007400650064005F006900640065006E0074006900660069006500720020006F006E00260023007800300044003B000A00730065007400200061007200690074006800610062006F007200740020006F0066006600260023007800300044003B000A0073006500740020006E0075006D0065007200690063005F0072006F0075006E006400610062006F007200740020006F0066006600260023007800300044003B000A00730065007400200061006E00730069005F007700610072006E0069006E006700730020006F006E00260023007800300044003B000A00730065007400200061006E00730069005F00700061006400640069006E00670020006F006E00260023007800300044003B000A00730065007400200061006E00730069005F006E0075006C006C00730020006F006E00260023007800300044003B000A00730065007400200063006F006E006300610074005F006E0075006C006C005F007900690065006C00640073005F006E0075006C006C0020006F006E00260023007800300044003B000A00730065007400200063007500720073006F0072005F0063006C006F00730065005F006F006E005F0063006F006D006D006900740020006F0066006600260023007800300044003B000A00730065007400200069006D0070006C0069006300690074005F007400720061006E00730061006300740069006F006E00730020006F0066006600260023007800300044003B000A0073006500740020006C0061006E00670075006100670065002000750073005F0065006E0067006C00690073006800260023007800300044003B000A007300650074002000640061007400650066006F0072006D006100740020006D0064007900260023007800300044003B000A00730065007400200064006100740065006600690072007300740020003700260023007800300044003B000A0073006500740020007400720061006E00730061006300740069006F006E002000690073006F006C006100740069006F006E0020006C006500760065006C0020007200650061006400200063006F006D006D0069007400740065006400260023007800300044003B000A003C002F00540065007800740044006100740061003E003C00420069006E0061007200790044006100740061003E0049004100410041004B0044006A003000410051004100410041004100410041003C002F00420069006E0061007200790044006100740061003E003C0044006100740061006200610073006500490044003E0036003C002F0044006100740061006200610073006500490044003E003C004E00540055007300650072004E0061006D0065003E007300670036003100350038003C002F004E00540055007300650072004E0061006D0065003E003C004E00540044006F006D00610069006E004E0061006D0065003E00490053004F003C002F004E00540044006F006D00610069006E004E0061006D0065003E003C0048006F00730074004E0061006D0065003E004E004A004300440054004C00300031005300470036003100350038003C002F0048006F00730074004E0061006D0065003E003C0043006C00690065006E007400500072006F006300650073007300490044003E0032003900340034003C002F0043006C00690065006E007400500072006F006300650073007300490044003E003C004100700070006C00690063006100740069006F006E004E0061006D0065003E004D006900630072006F0073006F00660074002000530051004C00200053006500720076006500720020004D0061006E006100670065006D0065006E0074002000530074007500640069006F0020002D002000510075006500720079003C002F004100700070006C00690063006100740069006F006E004E0061006D0065003E003C004C006F00670069006E004E0061006D0065003E00490053004F005C007300670036003100350038003C002F004C006F00670069006E004E0061006D0065003E003C0053007400610072007400540069006D0065003E0032003000310030002D00300033002D00300034005400310032003A00330032003A00310032002E003100370037003C002F0053007400610072007400540069006D0065003E003C004500760065006E00740053007500620043006C006100730073003E0031003C002F004500760065006E00740053007500620043006C006100730073003E003C0053007500630063006500730073003E0031003C002F0053007500630063006500730073003E003C0049006E007400650067006500720044006100740061003E0034003000390036003C002F0049006E007400650067006500720044006100740061003E003C005300650072007600650072004E0061006D0065003E004300410048005900570052003100430041005000490054004C00300036003C002F005300650072007600650072004E0061006D0065003E003C00440061007400610062006100730065004E0061006D0065002F003E003C004C006F00670069006E005300690064003E0041005100550041004100410041004100410041005500560041004100410041005700540048004C0064003400390051003400330043007A005A005100310058003200690051004100410041003D003D003C002F004C006F00670069006E005300690064003E003C005200650071007500650073007400490044003E0030003C002F005200650071007500650073007400490044003E003C004500760065006E007400530065007100750065006E00630065003E003200370036003000320035003C002F004500760065006E007400530065007100750065006E00630065003E003C0049007300530079007300740065006D002F003E003C00530065007300730069006F006E004C006F00670069006E004E0061006D0065002F003E003C002F004500560045004E0054005F0049004E005300540041004E00430045003E00
I think the problem is what is stated in books online for receive statement:
"The RECEIVE statement removes received messages from the queue unless the queue specifies message retention. When the RETENTION setting for the queue is ON, the RECEIVE statement
updates the status column to 1 and leaves the messages in the queue. When a transaction that contains a RECEIVE statement rolls back, all changes to the queue within the transaction are also rolled back, returning messages to the queue."
my retention is the default (off).
August 26, 2010 at 1:36 am
The script is working fine. But the table is keep on updating without any new logon event occurs. Also, it is not working for add_role_member server event.
Any help in this?
July 5, 2013 at 2:02 am
I know this is a pertty aged thread, but still helps a lot to me.
One issue i running into is, how to clean up history data in Logging table on daily/hour basis? Our environment has heavy activities, 10,0000 rows inserted int Logging table per hour.
I was wandering to restart Service Broker's conversation and truncate log table, just fail to manage the conversation on the right way.
Could someone kindly shed some lights on this? I'm a idiot on Service Broker:(
Thanks so much!
July 5, 2013 at 9:34 pm
Hi guys, just to follow up my finds. We can directly truncate the logging table to remove raw data.
To end the conersation to stop event notification, I use code below:
USE msdb;
GO
DECLARE
@conversation_handle uniqueidentifier,
@ended_count int;
SET @ended_count = 0;
DECLARE old_endpoints CURSOR LOCAL FAST_FORWARD FOR
SELECT conversation_handle
FROM sys.conversation_endpoints
WHERE
far_service IN('LoggingService');
OPEN old_endpoints;
WHILE 1 = 1
BEGIN
FETCH NEXT FROM old_endpoints INTO @conversation_handle;
IF @@FETCH_STATUS = -1 BREAK;
END CONVERSATION @conversation_handle WITH CLEANUP;
SET @ended_count = @ended_count + 1;
IF @ended_count % 10000 = 0
BEGIN
RAISERROR('Cleanup progress: %d conversations ended', 0, 1, @ended_count) WITH NOWAIT;
END
END
CLOSE old_endpoints;
DEALLOCATE old_endpoints;
And to restart it, re-create it on the target database:
CREATE EVENT NOTIFICATION Logging_Event_Notification
ON SERVER
FOR AUDIT_LOGIN, AUDIT_LOGIN_FAILED--, AUDIT_LOGOUT
TO SERVICE 'LoggingService', 'current database'
GO
Viewing 12 posts - 1 through 11 (of 11 total)
You must be logged in to reply to this topic. Login to reply