SQL Server 2000 and SQL Server 2005 offered C2
auditing, a government specification (see the Divisions and Classes section at http://en.
wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria). SQL Server 2005
included even more attempts at tracking changes, such as Data Definition Language
(DDL) triggers and event notifications. SQL Server 2008 includes a new feature called
Change Tracking, which comes much closer to meeting many legal requirements for
auditing than any of the earlier features.
You can enable Change Tracking at the entire database level, as shown in Figure A-3,
or at the individual table level. Once enabled, tracking is maintained for a set amount of
time and is performed synchronously when Data Manipulation Language (DML) events
occur.
APPENDIX n SQL SERVER 2008 CONSIDERATIONS 327
Figure A-3. The new Change Tracking feature provides automated cleanup.
AUDITING TO MITIGATE USER DISASTERS?
Many of the existing features in SQL Server 2005, such as DDL triggers, event notification, and the
OUTPUT clauses, are geared more toward auditing data rather than mitigating or responding to user
disasters.
Pages:
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613