tags:

views:

1111

answers:

5
+4  Q: 

Microsoft SQL Server - Who created a Stored Procedure?

Is there a good way to tell who created a stored procedure in SQL Server 2005 (that also works in 2008)? In SQL Management Studio I can right mouse/properties on a proc to get the created date/time but how do I discover the creator?

+2  A: 

I believe this is not available in SQL 2005. Certainly it's not available in the properties in SQL Management Studio, and not available in the sys.objects table or any others I can see.

Rory  2009-03-04 00:10:21
+1  A: 

If it was not created too long ago, try this:

DECLARE @path varchar(256)

SELECT @path = path
FROM sys.traces
where id = 1

SELECT *
FROM fn_trace_gettable(@path, 1)

It selects the current (out of the box) default trace. If it was created recently (and the server hasn't been restarted recently), then the stored procedure object name and the login name that created it will be in the trace data.

Mitch Wheat  2009-03-04 00:11:02
@Bruno Tyndall: so how did you go?
Mitch Wheat  2009-03-04 00:35:40
This proc was created 3 years ago. Guess this would not work. Also, when I tried to run it I got "You do not have permission to run 'SYS.TRACES'." Guess I could ask the DBA to run it. But...
tyndall  2009-03-04 17:33:34
I think what you are saying is the traces info is only good for about a day, a week, maybe a month?
tyndall  2009-03-04 17:34:40
Correct, SQL Server doesn't keep its default trace data for very long as it would quickly fill the hard drive.
mrdenny  2009-03-31 04:46:06
A Blackbox trace can be very useful: http://mitch-wheat.blogspot.com/2009/01/sql-servers-built-in-traces.html
Mitch Wheat  2009-03-31 15:19:58
+4  A: 

It may be too late for you now, but you can keep track of DDL activity.

We have a table in our administrative database that gets all the activity put in it. It uses a DDL trigger, new to 2005. These scripts create a table in your admin DB (SQL_DBA for me), create a trigger on the model db, create triggers on existing databases. I also created a sp_msforeachDB statement at the end to disable all of them.

One caveat - your databases need to be in compatibility mode of 90(in options for each db), otherwise you may start getting errors. The account in the EXECUTE AS part of the statement also needs access to insert into your admin table.

USE [SQL_DBA]
GO
/****** Object:  Table [dbo].[DDL_Login_Log]    Script Date: 03/03/2009 17:28:10 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TABLE [dbo].[DDL_Login_Log](
    [DDL_Id] [int] IDENTITY(1,1) NOT NULL,
    [PostTime] [datetime] NOT NULL,
    [DB_User] [nvarchar](100) NULL,
    [DBName] [nvarchar](100) NULL,
    [Event] [nvarchar](100) NULL,
    [TSQL] [nvarchar](2000) NULL,
    [Object] [nvarchar](1000) NULL,
 CONSTRAINT [PK_DDL_Login_Log] PRIMARY KEY CLUSTERED 
(
    [DDL_Id] ASC,
    [PostTime] ASC
)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON [PRIMARY]
) ON [PRIMARY]
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--This creates the trigger on the model database so all new DBs get it
USE [model]
GO
/****** Object:  DdlTrigger [ddl_DB_User]    Script Date: 03/03/2009 17:26:13 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TRIGGER [ddl_DB_User] 
ON DATABASE
FOR DDL_DATABASE_SECURITY_EVENTS
AS 

DECLARE @data XML
declare @user nvarchar(100)

SET @data = EVENTDATA()
select @user = convert(nvarchar(100), SYSTEM_USER)

execute as login='domain\sqlagent'
INSERT sql_dba.dbo.DDL_Login_Log 
   (PostTime, DB_User, DBName, Event, TSQL,Object) 
   VALUES 
   (@data.value('(/EVENT_INSTANCE/PostTime)[1]', 'nvarchar(100)'), 
   @user,
    db_name(),
    @data.value('(/EVENT_INSTANCE/EventType)[1]', 'nvarchar(100)'), 
   @data.value('(/EVENT_INSTANCE/TSQLCommand/CommandText)[1]','nvarchar(max)'),
    @data.value('(/EVENT_INSTANCE/ObjectName)[1]', 'nvarchar(1000)')
)

GO
SET ANSI_NULLS OFF
GO
SET QUOTED_IDENTIFIER OFF
GO


--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--CREATE TRIGGER IN ALL NON SYSTEM DATABASES

DECLARE @dataname varchar(255),
@dataname_header varchar(255),
@command VARCHAR(MAX),
@usecommand VARCHAR(100)
SET @command = '';
DECLARE datanames_cursor CURSOR FOR SELECT name FROM sys.databases 
WHERE name not in ('master', 'pubs', 'tempdb', 'model','msdb')
OPEN datanames_cursor
FETCH NEXT FROM datanames_cursor INTO @dataname
WHILE (@@fetch_status = 0)
BEGIN

PRINT '----------BEGIN---------'

PRINT 'DATANAME variable: ' + @dataname;

EXEC ('USE ' + @dataname);

PRINT 'CURRENT db: ' + db_name();

SELECT @command = 'CREATE TRIGGER DBA_Audit ON DATABASE
FOR DDL_DATABASE_LEVEL_EVENTS
AS
DECLARE @data XML
DECLARE @cmd NVARCHAR(1000)
DECLARE @posttime NVARCHAR(24)
DECLARE @spid NVARCHAR(6)
DECLARE @loginname NVARCHAR(100)
DECLARE @hostname NVARCHAR(100)
SET @data = EVENTDATA()
SET @cmd = @data.value(''(/EVENT_INSTANCE/TSQLCommand/CommandText)[1]'', ''NVARCHAR(1000)'')
SET @cmd = LTRIM(RTRIM(REPLACE(@cmd,'''','''')))
SET @posttime = @data.value(''(/EVENT_INSTANCE/PostTime)[1]'', ''DATETIME'')
SET @spid = @data.value(''(/EVENT_INSTANCE/SPID)[1]'', ''nvarchar(6)'')
SET @loginname = @data.value(''(/EVENT_INSTANCE/LoginName)[1]'',
    ''NVARCHAR(100)'')
SET @hostname = HOST_NAME()
INSERT INTO [DBA_AUDIT].dbo.AuditLog(Command, PostTime,HostName,LoginName)
 VALUES(@cmd, @posttime, @hostname, @loginname);'

 EXEC (@command);
 FETCH NEXT FROM datanames_cursor INTO @dataname;
PRINT '----------END---------'
END
CLOSE datanames_cursor
DEALLOCATE datanames_cursor

--------------------------------------------------------------------------------
--------------------------------------------------------------------------------

----Disable all triggers when things go haywire
sp_msforeachdb @command1='use [?]; IF  EXISTS (SELECT * FROM sys.triggers WHERE name = N''ddl_DB_User'' AND parent_class=0)disable TRIGGER [ddl_DB_User] ON DATABASE'
Sam  2009-03-04 00:36:31
But if you have your permissions/roles set up correctly, how often do you need this?
Mitch Wheat  2009-03-04 00:39:40
If you have your system buttoned down tight, you may not need this.I have this list mailed to me daily for my own purposes I won't get into.
Sam  2009-03-04 06:07:47
+1 Cool concept. Forgot all about DDL Triggers. That might help for future "watching". But Mitch brings up a good point about security.
tyndall  2009-03-04 17:31:09
Can I ask about the last line? what causes it to go all "haywire". Can you elaborate more at the end of your answer?
tyndall  2009-03-04 17:37:15
If you apply this to all your production databases and something stops working, it's nice to be able to pull it all off quickly. I like to have things like this packaged up so it can be applied or removed easily. I wasn't totally serious about things going haywire.
Sam  2009-03-04 21:37:10
Yes, we all strive for perfect security, but sometimes application and organizational 'obstacles' get in the way. This log could show you what developers with elevated production privs are not following the change process, or what vendor supplied apps are doing, or what auth'd usr made a chng.
Sam  2009-03-04 21:49:53
+1  A: 

Along the same idea as Sam's, you could use a DDL trigger to capture the needed information, then send that data to a SQL Service broker queue, which could forward it to the Admin database (which could be on another server if needed) which would then hold all the DDL changes.

This would remove the permissions issue as the DDL trigger would be loading data into a Service Broker Queue at the local database and SQL handles the moving of the message to the other database.

There would be a bit more setup with this method, but once setup it would work no matter who made the object change.

mrdenny  2009-03-31 04:49:03
+1 this sounds pretty promising
tyndall  2009-04-01 21:07:38
That is much more slick. Now, if we make a copy of a database and give it to the developer, they will get errors on ddl mods.
Sam  2009-06-04 20:53:22
A: 

How to get this piece of info ex post (especially years later) is most likely not possible.

However, you can use SQL Server Profiler to track DDL actions. In Event Selection, check the following events:

Objects / Object: Altered

Objects / Object: Created

Objects / Object: Deleted

There are also lots of customization options: you can save the output to a file or table, filter the output furthermore based on any columns etc. etc.

Attila Csipak  2009-11-19 08:55:17

related questions

Sql to query a dbs scheme
Transform Columns into Rows
SQL Client for Mac OS X that works with MS SQL Server
How do you get leading wildcard full-text searches to work in SQL Server?
SQL Server 2000: Is there a way to tell when a record was last modified?
What's the BEST way to remove the time portion of a datetime value (SQL Server)
I need to know how much disk space a table is using in SQL Server
What's the best way to determine if a temporary table exists in SQL Server?
Appropriate pagefile size for SQL Server
Have you ever encountered a query that SQL Server could not execute because it referenced too many tables?
ASP.NET MVC "CRUD" Database Sample
How do I unit test persistence?
Best Book for a new Database Developer
Can I logically reorder columns in a table?
Best way to copy a database in SQL Server 2005/8?
Is Windows Server 2008 "Server Core" appropriate for a SQL Server instance?
Why doesn't SQL Full Text Indexing return results for words containing #?
Client collation and SQL Server 2005
Editing database records by multiple users
Deploying SQL Server Databases from Test to Live
SQL Server 2005 implementation of MySQL REPLACE INTO?
Upgrading SQL Server 6.5
How do I version my MS SQL database in SVN?
How to export data from SQL Server 2005 to MySQL
Check for changes to a SQL table?