1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168
|
-- Logging_Audit
USE [master]
GO
CREATE DATABASE [Logging_Audit]
GO
-- penser à mettre SA comme owner de la bd
USE [Logging_Audit]
GO
EXEC dbo.sp_changedbowner @loginame = N'sa', @map = false
GO
USE [Logging_Audit]
GO
/****** Object: Table [dbo].[log_traces] Script Date: 12/13/2011 10:33:21 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_PADDING ON
GO
CREATE TABLE [dbo].[log_traces](
[LoggingID] [bigint] IDENTITY(1,1) NOT NULL,
[EventTime] [datetime] NULL,
[EventType] [varchar](255) NULL,
[LoginName] [varchar](255) NULL,
[HostName] [varchar](255) NULL,
[DatabaseName] [varchar](255) NULL,
[ApplicationName] [varchar](255) NULL,
CONSTRAINT [PK_log_traces] PRIMARY KEY CLUSTERED
(
[LoggingID] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
GO
SET ANSI_PADDING OFF
GO
/****** Object: StoredProcedure [dbo].[sp_log_traces_Event_Insertion] Script Date: 12/13/2011 10:33:21 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[sp_log_traces_Event_Insertion]
AS
SET NOCOUNT ON;
DECLARE @message_body XML
DECLARE @message_type_name NVARCHAR(255)
DECLARE @dialog UNIQUEIDENTIFIER
--Endless loop
WHILE (1 = 1)
BEGIN
BEGIN TRANSACTION ;
-- Receive the next available message
WAITFOR (
RECEIVE TOP(1) @message_type_name=message_type_name, @message_body=message_body, @dialog = conversation_handle
FROM log_traces_Queue
), TIMEOUT 2000
--Rollback and exit if no messages were found
IF (@@ROWCOUNT = 0)
BEGIN
ROLLBACK TRANSACTION ;
BREAK ;
END ;
--End conversation of end dialog message
IF (@message_type_name = 'http://schemas.microsoft.com/SQL/ServiceBroker/EndDialog')
BEGIN
PRINT 'End Dialog received for dialog # ' + cast(@dialog as nvarchar(40)) ;
END CONVERSATION @dialog ;
END ;
ELSE
BEGIN
INSERT INTO log_traces (EventTime,EventType,LoginName,HostName,
DatabaseName,
ApplicationName )
VALUES (
CAST(CAST(@message_body.query('/EVENT_INSTANCE/PostTime/text()') AS VARCHAR(64)) AS DATETIME),
CAST(@message_body.query('/EVENT_INSTANCE/EventType/text()') AS VARCHAR(255)),
CAST(@message_body.query('/EVENT_INSTANCE/LoginName/text()') AS VARCHAR(255)),
CAST(@message_body.query('/EVENT_INSTANCE/HostName/text()') AS VARCHAR(255)),
case when CAST(@message_body.query('/EVENT_INSTANCE/DatabaseName/text()') AS VARCHAR(255)) = ''
then db_name ( CAST(CAST(@message_body.query('/EVENT_INSTANCE/DatabaseID/text()') AS VARCHAR(64)) AS INTEGER) )
else CAST(@message_body.query('/EVENT_INSTANCE/DatabaseName/text()') AS VARCHAR(255))
end ,
CAST(@message_body.query('/EVENT_INSTANCE/ApplicationName/text()') AS VARCHAR(255))
)
END
COMMIT TRANSACTION
-- PURGE au delà d'un mois
declare @premier_event datetime
; with SR AS ( select min(loggingId) min_loggingId from dbo.log_traces )
select @premier_event = LT.EventTime from dbo.log_traces LT
join SR on SR.min_loggingId = LT.loggingId
if @premier_event < DATEADD(month, -1, cast( convert(varchar, getdate() , 111 ) as datetime) )
delete dbo.log_traces
where EventTime <= DATEADD(month, -1, cast( convert(varchar, getdate() , 111 ) as datetime) )
END
GO
--------------------------------------------------------------------------------------------------------
USE [master]
GO
----Enable service broker
ALTER DATABASE Logging_Audit SET ENABLE_BROKER
GO
USE [Logging_Audit]
GO
--The queue
CREATE QUEUE log_traces_Queue
GO
--The service
CREATE SERVICE log_traces_Service
ON QUEUE log_traces_Queue
([http://schemas.microsoft.com/SQL/Notifications/PostEventNotification])
GO
--The route
CREATE ROUTE log_traces_Route
WITH SERVICE_NAME = 'log_traces_Service',
ADDRESS = 'LOCAL'
GO
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
CREATE EVENT NOTIFICATION log_traces_Event_Notification
ON SERVER
FOR AUDIT_LOGIN, AUDIT_LOGOUT, AUDIT_LOGIN_FAILED
TO SERVICE 'log_traces_Service', 'current database'
GO
ALTER QUEUE log_traces_Queue
WITH ACTIVATION (
STATUS = ON,
PROCEDURE_NAME = sp_log_traces_Event_Insertion ,
MAX_QUEUE_READERS = 2, EXECUTE AS SELF
)
GO
-------------------------------------------------------------------------------------
create View [dbo].[Log_view_rapport] as
SELECT [DatabaseName],[LoginName], [EventType],count(*) Card
FROM [dbo].[log_traces]
group by [DatabaseName],[EventType],[LoginName]
GO
-------------------------------------------------------------------------------------
select top 500 *
from [Logging_Audit].dbo.log_traces
order by 1 desc
select * from [Logging_Audit].[dbo].[Log_view_rapport] |
Partager