1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
-- Logging_Audit
USE [master]
GO
CREATE DATABASE [Logging_Audit]
GO
-- penser à mettre SA comme owner de la bd
USE [Logging_Audit]
GO
EXEC dbo.sp_changedbowner @loginame = N'sa', @map = false
GO
USE [Logging_Audit]
GO
/****** Object: Table [dbo].[log_traces] Script Date: 12/13/2011 10:33:21 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_PADDING ON
GO
CREATE TABLE [dbo].[log_traces](
[LoggingID] [bigint] IDENTITY(1,1) NOT NULL,
[EventTime] [datetime] NULL,
[EventType] [varchar](255) NULL,
[LoginName] [varchar](255) NULL,
[HostName] [varchar](255) NULL,
[DatabaseName] [varchar](255) NULL,
[ApplicationName] [varchar](255) NULL,
CONSTRAINT [PK_log_traces] PRIMARY KEY CLUSTERED
(
[LoggingID] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
GO
SET ANSI_PADDING OFF
GO
/****** Object: StoredProcedure [dbo].[sp_log_traces_Event_Insertion] Script Date: 12/13/2011 10:33:21 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[sp_log_traces_Event_Insertion]
AS
SET NOCOUNT ON;
DECLARE @message_body XML
DECLARE @message_type_name NVARCHAR(255)
DECLARE @dialog UNIQUEIDENTIFIER
--Endless loop
WHILE (1 = 1)
BEGIN
BEGIN TRANSACTION ;
-- Receive the next available message
WAITFOR (
RECEIVE TOP(1) @message_type_name=message_type_name, @message_body=message_body, @dialog = conversation_handle
FROM log_traces_Queue
), TIMEOUT 2000
--Rollback and exit if no messages were found
IF (@@ROWCOUNT = 0)
BEGIN
ROLLBACK TRANSACTION ;
BREAK ;
END ;
--End conversation of end dialog message
IF (@message_type_name = 'http://schemas.microsoft.com/SQL/ServiceBroker/EndDialog')
BEGIN
PRINT 'End Dialog received for dialog # ' + cast(@dialog as nvarchar(40)) ;
END CONVERSATION @dialog ;
END ;
ELSE
BEGIN
INSERT INTO log_traces (EventTime,EventType,LoginName,HostName,
DatabaseName,
ApplicationName )
VALUES (
CAST(CAST(@message_body.query('/EVENT_INSTANCE/PostTime/text()') AS VARCHAR(64)) AS DATETIME),
CAST(@message_body.query('/EVENT_INSTANCE/EventType/text()') AS VARCHAR(255)),
CAST(@message_body.query('/EVENT_INSTANCE/LoginName/text()') AS VARCHAR(255)),
CAST(@message_body.query('/EVENT_INSTANCE/HostName/text()') AS VARCHAR(255)),
case when CAST(@message_body.query('/EVENT_INSTANCE/DatabaseName/text()') AS VARCHAR(255)) = ''
then db_name ( CAST(CAST(@message_body.query('/EVENT_INSTANCE/DatabaseID/text()') AS VARCHAR(64)) AS INTEGER) )
else CAST(@message_body.query('/EVENT_INSTANCE/DatabaseName/text()') AS VARCHAR(255))
end ,
CAST(@message_body.query('/EVENT_INSTANCE/ApplicationName/text()') AS VARCHAR(255))
)
END
COMMIT TRANSACTION
-- PURGE au delà d'un mois
declare @premier_event datetime
; with SR AS ( select min(loggingId) min_loggingId from dbo.log_traces )
select @premier_event = LT.EventTime from dbo.log_traces LT
join SR on SR.min_loggingId = LT.loggingId
if @premier_event < DATEADD(month, -1, cast( convert(varchar, getdate() , 111 ) as datetime) )
delete dbo.log_traces
where EventTime <= DATEADD(month, -1, cast( convert(varchar, getdate() , 111 ) as datetime) )
END
GO
--------------------------------------------------------------------------------------------------------
USE [master]
GO
----Enable service broker
ALTER DATABASE Logging_Audit SET ENABLE_BROKER
GO
USE [Logging_Audit]
GO
--The queue
CREATE QUEUE log_traces_Queue
GO
--The service
CREATE SERVICE log_traces_Service
ON QUEUE log_traces_Queue
([http://schemas.microsoft.com/SQL/Notifications/PostEventNotification])
GO
--The route
CREATE ROUTE log_traces_Route
WITH SERVICE_NAME = 'log_traces_Service',
ADDRESS = 'LOCAL'
GO
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
CREATE EVENT NOTIFICATION log_traces_Event_Notification
ON SERVER
FOR AUDIT_LOGIN, AUDIT_LOGOUT, AUDIT_LOGIN_FAILED
TO SERVICE 'log_traces_Service', 'current database'
GO
ALTER QUEUE log_traces_Queue
WITH ACTIVATION (
STATUS = ON,
PROCEDURE_NAME = sp_log_traces_Event_Insertion ,
MAX_QUEUE_READERS = 2, EXECUTE AS SELF
)
GO
-------------------------------------------------------------------------------------
create View [dbo].[Log_view_rapport] as
SELECT [DatabaseName],[LoginName], [EventType],count(*) Card
FROM [dbo].[log_traces]
group by [DatabaseName],[EventType],[LoginName]
GO
-------------------------------------------------------------------------------------
select top 500 *
from [Logging_Audit].dbo.log_traces
order by 1 desc
select * from [Logging_Audit].[dbo].[Log_view_rapport] |
Login encore utilisé?
Répondre avec citation
Envoyé par 7gyY9w1ZY6ySRgPeaefZ
Partager