Suggestions for implementing audit tables in SQL Server?

One simple method I've used in the past is basically just creating a second table whose structure mirrors the one I want to audit, and then create an update/delete trigger on the main table. Before a record is updated/deleted, the current state is saved to the audit table via the trigger.

While effective, the data in the audit table is not the most useful or simple to report off of. I'm wondering if anyone has a better method for auditing data changes?

There shouldn't be too many updates of these records, but it is highly sensitive information, so it is important to the customer that all changes are audited and easily reported on.


Solution 1:

How much writing vs. reading of this table(s) do you expect?

I've used a single audit table, with columns for Table, Column, OldValue, NewValue, User, and ChangeDateTime - generic enough to work with any other changes in the DB, and while a LOT of data got written to that table, reports on that data were sparse enough that they could be run at low-use periods of the day.

Added: If the amount of data vs. reporting is a concern, the audit table could be replicated to a read-only database server, allowing you to run reports whenever necessary without bogging down the master server from doing their work.

Solution 2:

We are using two table design for this.

One table is holding data about transaction (database, table name, schema, column, application that triggered transaction, host name for login that started transaction, date, number of affected rows and couple more).

Second table is only used to store data changes so that we can undo changes if needed and report on old/new values.

Another option is to use a third party tool for this such as ApexSQL Audit or Change Data Capture feature in SQL Server.

Solution 3:

I have found these two links useful:

Using CLR and single audit table.
Creating a generic audit trigger with SQL 2005 CLR

Using triggers and separate audit table for each table being audited.
How do I audit changes to SQL Server data?

Solution 4:

Are there any built-in audit packages? Oracle has a nice package, which will even send audit changes off to a separate server outside the access of any bad guy who is modifying the SQL.

Their example is awesome... it shows how to alert on anybody modifying the audit tables.

Solution 5:

OmniAudit might be a good solution for you need. I've never used it before because I'm quite happy writing my own audit routines, but it sounds good.