Product Reviews
Stay Up on Current Events
Despite a few rough edges in the beta version, Entegra does a fairly complete job of auditing SQL Server activity.
Lumigent has just announced Entegra, a new solution for auditing activity in
Microsoft SQL Server databases. I had a chance to play with a pre-release copy,
so here are some impressions.
Unlike other auditing solutions I've seen, Entegra doesn't instrument your
database with triggers. Instead, it uses the technology that Lumigent developed
for Log Explorer to monitor the SQL Server log files, so it knows about every
logged operation in the database. It then turns around and writes this data
back to a SQL Server repository database (with an open schema, so you can layer
your own report writer atop their data if you like).
The product is designed to audit DDL, DML, and SELECT statements, though the
version I saw didn't include SELECT auditing (that's not expected to ship until
Q1 2003 - they're also planning Oracle and Unix support in that timeframe).
The DDL and DML auditing, and reporting through their web-based console, is
impressive enough. Here's an example of what you can do: choose a row in a table,
see its original state, and its current state -- and every state in between,
together with the exact changes and when they were made.
Other features include alerting and monitoring, and the consolidation of audit
data from multiple servers into a single repository. You can choose what you
want to audit on the database, table, and action level, so you can keep routine
and non-critical transactions from overwhelming the repository.
There were a few rough edges on the late beta copy I looked at. The program
required a bunch of prerequisite software, and the install wasn't well-integrated.
The reporting console also wanted to see a SQL Server login rather than integrated
authentication, which I find distressing, given the well-known insecurities
in SQL Server authentication. But the overall concept is great, and the ability
to watch full audit trails of the data without modifying the database in any
way is overwhelmingly cool. I can think of lots of times when I would have loved
to have this, and there are plenty of obvious applications (healthcare, personnel,
and other sensitive types of data). Assuming they get a little more polish on
the product for release, this is one to watch.
About the Author
Mike Gunderloy, MCSE, MCSD, MCDBA, is a former MCP columnist and the author of numerous development books.