Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
Kbalz
Yak Posting Veteran
94 Posts |
 Posted - 2010-04-05 : 09:45:41
|
| We have been sql transaction attacked, and it is still happening.. is there some way we can peer into the transaction logs and see which login or which IP address is running updates? I've never done something like this. Thanks, K |
|
|
Kbalz
Yak Posting Veteran
94 Posts |
Posted - 2010-04-05 : 10:33:24
|
| Okay I've been using ::fn_dblog, but there isn't anything that can help me identify update statements or where they are coming from. Oh well. |
 |
|
|
Kristen
Test
22859 Posts |
Posted - 2010-04-05 : 13:27:27
|
| SQL Profiler? (Won't help with what's gone, but may help with any new attacks |
|
|
|
russell
Pyro-ma-ni-yak
5072 Posts |
Posted - 2010-04-06 : 12:16:13
|
| you're energy is better focused on fixing the front end. also reviewing any logs (iis logs) may provide clues. |
|
|
|
GilaMonster
Master Smack Fu Yak Hacker
4507 Posts |
Posted - 2010-04-07 : 10:53:21
|
| Profiler's the tool you want. The tran log's not intended to be human-readable. It's for database integrity, not to track where statements come from.--Gail ShawSQL Server MVP |
|
|
|
|
|
|
Transaction Logs