views:

43

answers:

1

I am trying to configure auditing on my SQL Server using Service Broker. I did all the configuration needed to capture the DDL Events (queue, routes, endpoints, event notification). It is working properly except that I am not able to get the hostname of the client from where the DDL event originated from.

Using the service broker's activation procedure, I tried reading the value from the message_body, but there's no xml element that contains the hostname. I can see a value for the SPID but am unable to make use of it. Exec'ing sp_who and querying sys.processes against this SPID doesn't return any value. And running sp_who without parameter shows only one process (I think it's the background process used by the service broker). Is it all because the message was sent asynchronously? But why will it cause the activation context to see different data on sys.processes view?

I am aware that there are DDL triggers that can achieve the same goal, but it seems it is tightly coupled to the command that causes it to fire. So if the triggers fails, the command will also fail.

UPDATE: I managed to retrieve the Hostname by using a combination of xp_cmdshell and sqlcmd (command line app). But I also realized that since the message is asynchronous, it is not always reliable (The SPID who issue the DDL command might have been disconnected already before the message is read from the queue).

A: 

I'm not exactly sure what you're trying to implement here, but it's expected that activated procedure will only see a subset of rows in DMVs. This has to do with activation context which often impersonates a different user that you use when debugging the procedure. That impersonated user will only see these rows of server-level views and DMVs to which it has permissions. See here and here for more info.

Pawel Marciniak
Thanks for the reply. What I am trying to achieve is to capture DDL events using Event Notification and Service Broker. Unfortunately DDL event notification messages that are sent to the service broker do not contain information about the Hostname from where the DDL command originated from, only the SPID. I am able to examine the DMV by dumping its content to some table when my SP is activated by the message queue, and not by ruuning it on a debugger or SSMS.
Darnell
Can't you use the <ServerName/> element of EVENTDATA?
Pawel Marciniak
But ServerName is the name of the database server where the DDL command is run against. I am interested on the hostname of the client who actually issued the command.
Darnell
Oh, I see. Sorry, I missed that in your original question. As you correctly pointed out yourself, trying to resolve the spid from an asynchronous activated procedure will never be reliable, because there is no warranty that the client connection will still be there at the time of resolving the spid. If this is your requirement, then I think you should consider using triggers or profiler audit traces rather than inherently asynchronous Service Broker. Or just send a customized "event notification" (containing the client's hostname) from a trigger, using Service Broker.
Pawel Marciniak