Home Business IT Security Using database triggers for alerting and auditing

Whether an enterprise application is custom-built or purchased off-the-shelf, you can always delve under the hood into the database layer to add your own specific functionality, like alerting and auditing when data is modified.

The 'magic' for want of a better word that makes this happen is triggers. This is a feature of high-end database systems like Oracle, SQL Server and MySQL that causes program code to execute via the ordinary creating, updating or deleting of data that typically occurs.

Triggers are implemented at the database layer and fired off by the database engine itself. This means you do not need to modify the code within your front-end application that the users see.

This is particularly important and beneficial when the program code is not in your control anyhow, like a third-party application.

It is also of value when you have multiple interfaces to your data - perhaps via a web app, a fat-client app and a mobile app - whether you can maintain the source code or not. In this case, the trigger can be created within the database and applies no matter how the user is working.

There are, of course, some catches.

I'll describe these on page two, and then give working T-SQL trigger code on page three to illustrate.

FREE WHITEPAPER - RISKS OF MOVING DATABASES TO VMWARE

VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!

DOWNLOAD!

David M Williams

joomla site stats

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. Within two years, he returned to his alma mater, the University of Newcastle, as a UNIX systems manager. This was a crucial time for UNIX at the University with the advent of the World-Wide-Web and the decline of VMS. David moved on to a brief stint in consulting, before returning to the University as IT Manager in 1998. In 2001, he joined an international software company as Asia-Pacific troubleshooter, specialising in AIX, HP/UX, Solaris and database systems. Settling down in Newcastle, David then found niche roles delivering hard-core tech to the recruitment industry and presently is the Chief Information Officer for a national resources company where he particularly specialises in mergers and acquisitions and enterprise applications.

Connect