Audit Server Scope GDR Event Class
The Audit Server Scope GDR event class occurs when a GRANT, REVOKE, or DENY is issued for permissions in the server scope, such as creating a login.
Audit Server Scope GDR Event Class Data Columns
Data column name |
Data type |
Description |
Column ID |
Filterable |
---|---|---|---|---|
ApplicationName |
nvarchar |
Name of the client application that created the connection to an instance of SQL Server. This column is populated with the values passed by the application rather than the displayed name of the program. |
10 |
Yes |
ClientProcessID |
int |
ID assigned by the host computer to the process where the client application is running. This data column is populated if the client process ID is provided by the client. |
9 |
Yes |
DatabaseID |
int |
ID of the database specified by the USE database statement or the default database if no USE database statement has been issued for a given instance. SQL Server Profiler displays the name of the database if the ServerName data column is captured in the trace and the server is available. Determine the value for a database by using the DB_ID function. |
3 |
Yes |
DatabaseName |
nvarchar |
Name of the database in which the user statement is running. |
35 |
Yes |
DBUserName |
nvarchar |
SQL Server user name of the client. |
40 |
Yes |
EventClass |
int |
Type of event = 170. |
27 |
No |
EventSequence |
int |
Sequence of a given event within the request. |
51 |
No |
EventSubClass |
int |
Type of event subclass. 1=Grant 2=Revoke 3=Deny |
21 |
Yes |
HostName |
nvarchar |
Name of the computer on which the client is running. This data column is populated if the host name is provided by the client. To determine the host name, use the HOST_NAME function. |
8 |
Yes |
IsSystem |
int |
Indicates whether the event occurred on a system process or a user process. 1 = system, 0 = user. |
60 |
Yes |
LoginName |
nvarchar |
Name of the login of the user (either the SQL Server security login or the Microsoft Windows login credentials in the form of DOMAIN\username). |
11 |
Yes |
LoginSid |
image |
Security identification number (SID) of the logged-in user. You can find this information in the sys.server_principals catalog view. Each SID is unique for each login in the server. |
41 |
Yes |
NTDomainName |
nvarchar |
Windows domain to which the user belongs. |
7 |
Yes |
NTUserName |
nvarchar |
Windows user name. |
6 |
Yes |
ObjectName |
nvarchar |
Name of the object being referenced. |
34 |
Yes |
ObjectType |
int |
Value representing the type of the object involved in the event. This value corresponds to the type column in the sys.objects catalog view. For values, see ObjectType Trace Event Column. |
28 |
Yes |
OwnerName |
nvarchar |
Database user name of the object owner. |
37 |
Yes |
Permissions |
bigint |
Integer value representing the type of permissions checked. 1 = SELECT ALL 2 = UPDATE ALL 4 = REFERENCES ALL 8 = INSERT 16 = DELETE 32 = EXECUTE (procedures only) 4096 = SELECT ANY (at least one column) 8192 = UPDATE ANY |
19 |
Yes |
RequestID |
int |
ID of the request containing the statement. |
49 |
Yes |
ServerName |
nvarchar |
Name of the instance of SQL Server being traced. |
26 |
No |
SessionLoginName |
nvarchar |
Login name of the user who originated the session. For example, if you connect to SQL Server using Login1 and execute a statement as Login2, SessionLoginName shows Login1 and LoginName shows Login2. This column displays both SQL Server and Windows logins. |
64 |
Yes |
SPID |
int |
ID of the session on which the event occurred. |
12 |
Yes |
StartTime |
datetime |
Time at which the event started, if available. |
14 |
Yes |
Success |
int |
1 = success. 0 = failure. For example, a value of 1 indicates success of a permissions check and a value of 0 indicates failure of that check. |
23 |
Yes |
TargetLoginName |
nvarchar |
For actions that target a login (for example, adding a new login), the name of the targeted login. |
42 |
Yes |
TargetLoginSid |
image |
For actions that target a login (for example, adding a new login), the security identification number (SID) of the targeted login. |
43 |
Yes |
TextData |
ntext |
Text value dependent on the event class captured in the trace. |
1 |
Yes |
TransactionID |
bigint |
System-assigned ID of the transaction. |
4 |
Yes |
XactSequence |
bigint |
Token used to describe the current transaction. |
50 |
Yes |
Zobacz także
Odwołanie
sp_trace_setevent (Transact-SQL)