Return
-
Title
SQL Data Level Auditing is not resolving SQL Login and events display incorrect Origin, Application Name, and Login User -
Description
When using Change Auditor for SQL, the reported User Login, Computer Name and IP Addresses reported are not corrects
-
Cause
VSTS10558
When a number of database transactions are performed and there a large number of logon\logoffs recorded in SQL, the Change Auditor Agent obtains the incorrect Login Time for the database transaction
Since Database SPIDs are often reused, the Agent finds the incorrect corresponding login information for the transaction.
The issue appears to occur only in SQL Server 2008 and 2008 R2 and when using SQL logins
-
Resolution
Solution
- This issue is being looked at by our Development Team and will be fixed in a future version
- Please consult the Release Notes for more detail
Workaround
- If possible, use Windows Accounts instead of SQL Accounts to avoid this issue.
-
Defect ID
VSTS10558