1

Is it possible to audit the changed values using SQL Server Auditing for stored procedures? Note: I'm not talking about CDC.

I've got basic auditing working, writing to the security log. If I run an INSERT statement, I get a 33205 event contain this [I've removed a lot of the message for clarity]:

Audit event: event_time:2013-01-31 14:06:53.4855165
 :
statement:INSERT INTO [DB1].[dbo].[Table1]
           ([ANumber]
           ,[AName]
           ,[ADescription])
     VALUES
           (21, 'Cheese', 'Cheese making.')
additional_information:
.

And that's great! But if I turn it into a stored procedure with parameters, I get [also edited]:

Audit event: event_time:2013-01-31 14:07:29.3099731
 :
statement:INSERT INTO [DB1].[dbo].[Table1]
               ([ANumber]
               ,[AName]
               ,[ADescription])
         VALUES
               (@aNumber, @aName, @aDescription)
additional_information:
.

which is as useful as a chocolate teapot. What use is knowing who did something and when if you don't know what they did? I feel like there ought to be an 'Include parameter values' flag or something but I can't find one. What am I missing, here?

4

1 回答 1

1

It's funny how posting a question can trigger the thought processes that lead to the answer, isn't it?

SQL Server Auditing treats the EXEC of the stored procedure as a separate audit from the INSERT (or other) that the SP is carrying out. The parameters are audited as part of the EXEC statement. You need to make sure you're auditing the right objects.

于 2013-01-31T19:18:55.883 回答