TechNet
Export (0) Print
Expand All
Collapse the table of content
Expand the table of content
Expand Minimize

Audit Schema Object Access Event Class

 

Applies To: SQL Server 2016

The Audit Schema Object Access event class occurs when an object permission (such as SELECT) is used.

Data column nameData typeDescriptionColumn IDFilterable
ApplicationNamenvarcharName of the client application that created the connection to an instance of Microsoft SQL Server. This column is populated with the values passed by the application rather than the displayed name of the program.10Yes
ClientProcessIDintID assigned by the host computer to the process where the client application is running. This data column is populated if the client provides the client process ID.9Yes
ColumnPermissionsintIndicates whether a column permission was set. Parse the statement text to determine which permissions were applied. 1=Yes, 0=No.44Yes
DatabaseIDintID of the database specified by the USE database statement or the default database if no USE database statement has been issued for a given instance. SQL Server Profiler displays the name of the database if the ServerName data column is captured in the trace and the server is available. Determine the value for a database by using the DB_ID function.3Yes
DatabaseNamenvarcharName of the database in which the user statement is running.35Yes
DBUserNamenvarcharIssuer's username in the database.40Yes
EventClassintType of event = 114.27No
EventSequenceintSequence of a given event within the request.51No
HostNamenvarcharName of the computer on which the client is running. This data column is populated if the client provides the host name. To determine the host name, use the HOST_NAME function.8Yes
IsSystemintIndicates whether the event occurred on a system process or a user process. 1 = system, 0 = user.60Yes
LoginNamenvarcharName of the login of the user (either the SQL Server security login or the Microsoft Windows login credentials in the form of DOMAIN\username).11Yes
LoginSidimageSecurity identification number (SID) of the logged-in user. You can find this information in the sys.server_principals catalog view. Each SID is unique for each login in the server.41Yes
NTDomainNamenvarcharWindows domain to which the user belongs.7Yes
NTUserNamenvarcharWindows user name.6Yes
ObjectNamenvarcharName of the object whose permissions are being checked.34Yes
ObjectTypeintValue representing the type of the object involved in the event. This value corresponds to the type column in the sys.objects catalog view. For values, see ObjectType Trace Event Column.28Yes
OwnerNamenvarcharDatabase username of the object owner of the object being targeted.37Yes
ParentNamenvarcharName of the schema that the object is within.59Yes
PermissionsbigintInteger value representing the type of permissions checked.

1=SELECT ALL

2=UPDATE ALL

4=REFERENCES ALL

8=INSERT

16=DELETE

32=EXECUTE (procedures only)
19Yes
RequestIDintID of the request containing the statement.49Yes
ServerNamenvarcharName of the instance of SQL Server being traced.26No
SessionLoginNameNvarcharLogin name of the user who originated the session. For example, if you connect to SQL Server using Login1 and execute a statement as Login2, SessionLoginName shows Login1 and LoginName shows Login2. This column displays both SQL Server and Windows logins.64Yes
SPIDintID of the session on which the event occurred.12Yes
StartTimedatetimeTime at which the event started, if available.14Yes
Successint1 = success. 0 = failure. For example, a value of 1 indicates success of a permissions check and a value of 0 indicates a failure of that check.23Yes
TextDatantextSQL text of the statement.1Yes
TransactionIDbigintSystem-assigned ID of the transaction.4Yes
XactSequencebigintToken used to describe the current transaction.50Yes

sp_trace_setevent (Transact-SQL)

Community Additions

ADD
Show:
© 2016 Microsoft