View Complete Post
In my MySql Table I need to keep track of all the changes, especially create,update, and delete changes each record. I need to keep track of who didwhat changes.
This is MySQL Create table Query
create table quotes(QuoteNumber int(15) ,Revision timestamp,Vendor varchar(45),PartNumber varchar(60),Status varchar(20),Customer varchar(45),Requestor varchar(20),X varchar(20),Xin varchar(10),Y varchar(20),Yin varchar(10),Layers Varchar(20),BlindVia varchar(20),Impedence varchar(20))
How can i implement the Audit trail to above table.Please help me,Thanks.
In today's security-conscious environments, a reliable audit trail is a valuable forensic tool The Windows Server 2003 operating system provides features that let you enable a wide range of applications to make use of auditing functionality. This article looks at auditing from the operating system perspective and describes a sample managed code implementation that will allow you to add auditing to your own server applications.
MSDN Magazine October 2005
I need to implement audit trail in my whole asp.net application. When a record get created, changed or deleted, i need to do an entry in database about username, datetime stamp, old and new record.
Can you please guide me on how to implement it at asp.net application level.
Should i use Microsoft Enterprise library logging block for this, as somebody told me that logging block will automatically create database table with all the entries i want.
Can somebody please verify whether all the columns i mention above will be catered by logging block.
I have a public function that i want to use for audit trail. I do not know
where to put this function. i tried to put it in the masterpage but
when i call the function out in the other aspx pages, it says that the
function is not declared.
Thanks in advance. Any help is gladly appreciated.
One of my reports has tight security issues that come with it. I have integrated windows authentication so that the logged in user's credentials are passwed as a parameter to the stored procedure that is called. That parameter is marked as HIDDEN, which
works perfectly for ad-hoc calls by end users to the report.
My security loophole seems to come in when the end user schedules a subscription. The "user id" parameter is then no longer hidden and the end user can schedule the report to run with any other user's id that they wish to.
If the subscription is still in the system I can read the Subscriptions table and see that "Bob" has asked for the report to run as though it is really "Sam." But the problem is if they remove that subscription, the ExecutionLog records the fact that the
report was run for "Bob" as the parameter, but it runs under the admin account of course, and there is no record (that I can find) of who the report was emailed to.
Is there a way I can find out who reports were emailed to when they were executed as subscriptions?