Log inserted/updated/deleted rows in all tables for a given database in SQL Server 2008

Question

Whats the best way to track/Log inserted/updated/deleted rows in all tables for a given database in SQL Server 2008?

Or is there a better "Audit" feature in SQL Server 2008?

Answer 1

Change Data Capture is designed to do what you want, but it requires each table be set up individually, so depending on the number of tables you have, there may be some logistics to it. It will also only store the data in capture tables for a couple of days by default, so you may need an SSIS package to pull it out and store for longer periods.

Answer 2

Short answer is that there is no one single solution fits all. It depends on the system but and requirements but here are couple different approaches.

DML Triggers

Relatively easy to implement, because you have to write one that works well for one table and then apply it to other tables.

Downside is that it can get messy when you have a lot of tables and even more triggers. Managing 600 triggers for 200 tables (insert, update and delete trigger per table) is not an easy task. Also, it might cause a performance impact.

Creating audit triggers in SQL Server
Log changes to database table with trigger

Change Data Capture

Very easy to implement, natively supported but only in enterprise edition which can cost a lot of $ ;). Another disadvantage is that CDC is still not as evolved as it should be. For example, if you change your schema, history data is lost.

Transaction log analysis

Biggest advantage of this is that all you need to do is to put the database in full recovery mode and all info will be stored in transaction log However, if you want to do this correctly you’ll need a third party log reader because this is not natively supported.

Read the log file (*.LDF) in SQL Server 2008
SQL Server Transaction Log Explorer/Analyzer

If you want to implement this I’d recommend you try out some of the third party tools that exist out there. I worked with couple tools from ApexSQL but there are also good tools from Idera and Netwrix

ApexSQL Log – auditing by reading transaction log

ApexSQL Comply – uses traces in the background and then parses those traces and stores results in central database.

Disclaimer: I’m not affiliated with any of the companies mentioned above.

Answer 3

I don't remember whether there is already some tool for this, but you could always use triggers (then you will have access for temporal tables with changed rows- INSERTED and DELETED). Unfortunately, it could be quite a work to do if you would like to track all tables. I believe that there should be some simpler solution, but do not remember as I said.

EDIT.

Maybe this could be helpful: --Change tracking http://msdn.microsoft.com/en-us/library/cc280462.aspx

Answer 4

http://msdn.microsoft.com/en-us/library/cc280386.aspx

This allows you to do audits at the database level; it may or may not be enough to meet the business requirements, as database records usually don't make all that much sense without the logic to glue them together. For instance, knowing that user x inserted a record into the "time_booked" table with a foreign key to the "projects", "users", "time_status" tables may not make all that much sense without the SQL query to glue those 4 tables together.

You may also need to have each database user connect with their own user ID - this is fine with integrated security and a client app, but probably won't work with a website using a connection pool.

Answer 5

The sql server logs are not possible to analyze just like that. There are some 3rd party tools available to read the logs but as far as I know you can't query them for statistics and such. If you need this kind of info you'll have to create some sort of auditing to capture all these events in separate tables. You can use "DDL triggers".