7/24/2019 Tim Hieu SQL 2012

1/15

AUDIT TRONG SQL SERVER 2012

Ngoi nhng tnh nng v Auit !" #$ t%ong # 'hi(n )*n t%+,#- SQL S.%v.% 2012 #ung #/'th( %/t nhiu tnh nng ,i- t%ong !$ )o g 3t 45 #*i ti6n 7nh 8 #ho 9h* nng gi& 4&t:uit; SQL S.%v.%n !>u #? )i vi6t n@ in 9h&i Bu&t C7i t/t #* nhng tnh nng v uit #$ t%ong nhng 'hi(n)*n SQL S.%v.% t%+,# !@- )o g # tnh nng

T%igg.% SQL S.%v.% Auit

Fhng. Dt F'tu%. :FDF;

Fhng. T%#9ing :FT;

1. TriggerT%igg.% C 1 !5i t+ng :o)H.#t; t%ong t)4. #ho 'h' #h7@ th? tJ# C+u t% :4to%. '%o#.u%.;no !$ Ki 9hi #$ 1 th@ !i *@ %< F$ 2 Co7i T%igg.%

DDL Trigger &' Jng #ho nhng th@ !i Ci(n Bun !6n #/u t%M# #? t)4.- nh+ALTER DATAASE- FREATE TALE-

DML Trigger &' Jng #ho nhng th@ !i Ci(n Bun t%P# ti6' !6n Ciu- nh+U=DATE- INSERT- DELETEn #? SQL S.%v.% Auit

Audit Object T%ong Ki In4tn#. #hMng t #$ th t7o % nhiu uit 9h nhu< eng v,iKi Auit 48 'h*i #hf % 1 uit .4tintion ! ghi C7i nhng thng tin !+# gi& 4&tn th@ !i #? ng Ciu !$-

=h*i .n)C. tnh nng Fhng. T%#9ing #ho tang t)C. )7n u5n th.o mi

-- b?t t@nh nAng hange Tracing cho databaseALTER DATABASEAd+e$,-eWo-s/01/

SET CHANGE_TRAC2ING) O+

(CHANGE_RETENTION) % DA3S,AUTO_CLEANUP) O+!9

--b?t t@nh nAng hange Tracing cho tab0eALTER TABLE Tes$ENABLECHANGE_TRAC2INGWITH(TRAC2_COLU%NS_UPDATED) O+!9

Su 9hi )t Fhng. T%#9ing- #hMng t #$ th 4 Jng 1 45 vi.] hoY# Zun#tion ! . thng tin

--0it M c>c database trong instance cN b?t t@nh nAng hange TracingSELECT 4 FRO% sys.c'!ge_$-!c)g_d!$!"!ses

--0it M c>c tab0e trong database hin ti cN b?t t@nh nAng hange TracingSELECT 4 FRO% sys.c'!ge_$-!c)g_$!"#es

30it M tIt c c>c dng d 0i trong tab0e Test (QR b?t t@nh nAng hangeTracing! cSng vi c>c thng tin v version tVng Wng 3SELECTt/, ct/FRO% Tes$t CROSS APPL3CHANGETABLE5VERSIONTest, (id!, t/id 6ASct9

V,i nhng tnh nng t%(n- ng+^i Bu*n t% #$ !? 9h* nng ! gi& 4&t 1 #h #hi ti6t nhng th@!i v #/u t%M# #ng nh+ v Ciu t%ong # t)4. #? cnh GB > TB ? > UNLI%ITED ? = 9 < 8 %AX_ROLLOVER_FILES 8 )$ege- > UNLI%ITED ? ? > 8 %AX_FILES )$ege- ? = 9 < RESERVE_DIS2_SPACE 8 ON > OFF ? =?

:!,d)$_op$)os;8 9 UEUE_DELA3 )$ege- = 9 < ON_FAILURE 8 CONTINUE > SHUTDOWN > FAIL_OPERATION ? =

9 < AUDIT_GUID ,),e)de$)&)e- =?

:p-ed)c!$e_e*p-ess)o;8 9NOT = :p-ed)c!$e_&!c$o-;

9 8 AND > OR ? 9NOT = 8 :p-ed)c!$e_&!c$o-; ? =9 : ; > > ; > ; > : > : ? 8 ,("e- >

s$-)g ?

Argu'ents

TO ~ zILE A==LIFATION`LOG SEFURIT`LOG

D.t.%in.4 th. Co#tion oZ th. uit t%g.t< Th. o'tion4 %. )in%@ ZiC.- Th. ino]4A''Ci#tion Cog- o% th. ino]4 S.#u%it@ Cog< SQL S.%v.% #nnot ]%it. to th. ino]4 S.#u%it@Cog ]ithout #onZigu%ing itionC 4.tting4 in ino]4< zo% o%. inZo%tion- 4.. %it. SQLS.%v.% Auit Ev.nt4 to th. S.#u%it@ LogE8E cause

Th. ZoCCo]ing .'C. oiZi.4 th. ]h.%. #Cu4. #%.t. in .'C. F oZ FREATE SERVER AUDIT:T%n4#tSQL;

7/24/2019 Tim Hieu SQL 2012

14/15

LT". #".*". UD4T 7;i0ter;or#ensitiveData8OD4;: +" ) ditDataccess9GOLT". #".*". UD4T 7ditDataccess8 [4TY (#TT" ) O+!9GO

V J 4u 48 t7o 1 S.%v.% Auit #hf C+u vo uit Cog nhng 4P 9in #$ i 1k1

CREATE SERVER AUDIT75;i0tereddit"vent8WHEREser_de

7/24/2019 Tim Hieu SQL 2012

15/15

T%(n !@ C 1 45 #*i ti6n t%ong SQL S.%v.% 2012 nhx #ung #/' 9h* nng Auit Ciu 1 #hCinh ho7t v hu #h #ho nhng ng+^i Bu*n t%