全Sql语句实现SBO事务日志记录与查询
接受一个朋友的委托,希望对SBO的事务日志进行记录,并且提供查询分析功能,说实话,行为日志与审计不管对于操作系统、数据库系统或者是用户软件,尽管都是安全考虑所需要的,但是要真正的实现并且通用起来审计,是有难度的。
不过受人之托,还是忠人之事吧,用纯Sql方式实现了一个简单的日志记录与查询【姑且算是审计吧】。毕竟运行于SBO之上采用的是没有经过任何的控制介入的方法,局限太多,但是对于要求不太高的单位,还是够用了。
第一步 请在Sql server的查询分析器中运行一下脚本
1.1 创建日志表
if exists(_select* from dbo.sysobjects where id = object_id(N'fsTransLog') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table fsTransLog
go
if exists(_select* from dbo.sysobjects where id = object_id(N'fsTransLog') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table fsTransLog
go
create table fsTransLog
(
AutoKey int IDENTITY (1, 1) NOT FOR REPLICATION NOT null,
ObjectType nvarchar(25),
TransType nvarchar(1),
KeyNum int,
KeyColumns nvarchar(255),
KeyValues nvarchar(255),
Result int default 0,
ErrNotes nvarchar(255),
TransUser int,
TransTime datetime
)
go
(
AutoKey int IDENTITY (1, 1) NOT FOR REPLICATION NOT null,
ObjectType nvarchar(25),
TransType nvarchar(1),
KeyNum int,
KeyColumns nvarchar(255),
KeyValues nvarchar(255),
Result int default 0,
ErrNotes nvarchar(255),
TransUser int,
TransTime datetime
)
go
1.2 创建事务表单对应表,在此表中定义的事务才进行日志记录,请务必填写此表单【表单内容个填写方式可以参见附件内容】,以确保您的事务日志被记录,和日志报表信息的明晰。
if exists(_select* from dbo.sysobjects where id = object_id(N'fsTransTable') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table fsTransTable
go
if exists(_select* from dbo.sysobjects where id = object_id(N'fsTransTable') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table fsTransTable
go
create table fsTransTable
(
AutoKey int IDENTITY (1, 1) NOT FOR REPLICATION NOT null,
TransType nvarchar(25) not null, --事务类型:13,销售发票;15,销售交货....
TransName nvarchar(50), --事务类型名称:13,销售发票;15,销售交货....
TransTable nvarchar(30), --事务对应的数据表:销售发票对应OINV,销售交货对应ORIN
TransKey nvarchar(255) not null,
KeyName nvarchar(1000),
UserField nvarchar(30) default 'UserSign',
IsActive bit default 0
)
go
(
AutoKey int IDENTITY (1, 1) NOT FOR REPLICATION NOT null,
TransType nvarchar(25) not null, --事务类型:13,销售发票;15,销售交货....
TransName nvarchar(50), --事务类型名称:13,销售发票;15,销售交货....
TransTable nvarchar(30), --事务对应的数据表:销售发票对应OINV,销售交货对应ORIN
TransKey nvarchar(255) not null,
KeyName nvarchar(1000),
UserField nvarchar(30) default 'UserSign',
IsActive bit default 0
)
go
if exists(_select* from dbo.sysobjects where id = object_id(N'fsTransType') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table fsTransType
go
drop table fsTransType
go
create table fsTransType
(
TransType nvarchar(1) not null,
TransName nvarchar(50)
)
go
(
TransType nvarchar(1) not null,
TransName nvarchar(50)
)
go
_insertINTO fsTransType(TransType,TransName)VALUES(N'A',N'添加')
_insertINTO fsTransType(TransType,TransName)VALUES(N'U',N'修改')
_insertINTO fsTransType(TransType,TransName)VALUES(N'D',N'删除')
_insertINTO fsTransType(TransType,TransName)VALUES(N'C',N'取消')
_insertINTO fsTransType(TransType,TransName)VALUES(N'L',N'关闭')
_insertINTO fsTransType(TransType,TransName)VALUES(N'U',N'修改')
_insertINTO fsTransType(TransType,TransName)VALUES(N'D',N'删除')
_insertINTO fsTransType(TransType,TransName)VALUES(N'C',N'取消')
_insertINTO fsTransType(TransType,TransName)VALUES(N'L',N'关闭')
1.3 创建保存事务日志的存储过程
如果希望对所有的日志进行记录,就去掉 if exists(_select...) 那一行语句
if exists (_select* from dbo.sysobjects where id = object_id(N'[dbo].[fsup_WriteTransLog]') and OBJECTPROPERTY(id, N'IsProcedure') = 1)
drop procedure [dbo].[fsup_WriteTransLog]
go
如果希望对所有的日志进行记录,就去掉 if exists(_select...) 那一行语句
if exists (_select* from dbo.sysobjects where id = object_id(N'[dbo].[fsup_WriteTransLog]') and OBJECTPROPERTY(id, N'IsProcedure') = 1)
drop procedure [dbo].[fsup_WriteTransLog]
go
create procedure fsup_WriteTransLog
@ObjectType nvarchar(25),
@TransType nchar(1),
@KeyNum int,
@KeyColumns nvarchar(255),
@KeyValues nvarchar(255),
@Result int,
@ErrNotes nvarchar(255)
as
begin
if exists(_select* FROM fsTransTable WHERE Upper(TransType)=Upper(@ObjectType) AND IsActive=1)
begin
_declare@table nvarchar(30), @TransKey nvarchar(300), @UserField nvarchar(50), @strSql nvarchar(4000), @UserId int
@ObjectType nvarchar(25),
@TransType nchar(1),
@KeyNum int,
@KeyColumns nvarchar(255),
@KeyValues nvarchar(255),
@Result int,
@ErrNotes nvarchar(255)
as
begin
if exists(_select* FROM fsTransTable WHERE Upper(TransType)=Upper(@ObjectType) AND IsActive=1)
begin
_declare@table nvarchar(30), @TransKey nvarchar(300), @UserField nvarchar(50), @strSql nvarchar(4000), @UserId int
CREATE TABLE #TransUser (UserId int)
_select@table=TransTable, @TransKey=TransKey, @UserField=UserField FROM fsTransTable WHERE Upper(TransType)=Upper(@ObjectType)
if (IsNull(@UserField,'')<>'')
begin
_select@strSql = '_insertINTO #TransUser(UserId) _select' + @UserField + ' FROM ' + @table + ' WHERE ' + @TransKey + '=N''' + @KeyValues + ''''
__execUTE(@strSql)
_select@UserId=UserId FROM #TransUser
end
if (IsNull(@UserField,'')<>'')
begin
_select@strSql = '_insertINTO #TransUser(UserId) _select' + @UserField + ' FROM ' + @table + ' WHERE ' + @TransKey + '=N''' + @KeyValues + ''''
__execUTE(@strSql)
_select@UserId=UserId FROM #TransUser
end
_insertINTO fsTransLog(ObjectType,TransType,KeyNum,KeyColumns,KeyValues,Result,ErrNotes,TransTime,TransUser)
VALUES(@ObjectType,@TransType,@KeyNum,@KeyColumns,@KeyValues,@Result,@ErrNotes,getdate(),@UserId)
end
end
go
VALUES(@ObjectType,@TransType,@KeyNum,@KeyColumns,@KeyValues,@Result,@ErrNotes,getdate(),@UserId)
end
end
go
第二步 在 SBO_SP_TransactionNotification 过程的最后部分的_select@error, @error_message之前,加入以下语句。 对于自定义的中途捕捉到事务错误提前返回的,应该在 return 之前加入以下语句, 没有这个添加就不会记录日志
__exec fsup_WriteTransLog @object_type,@transaction_type,@num_of_cols_in_key,@list_of_key_cols_tab_del,@list_of_cols_val_tab_del, @error, @error_message
__exec fsup_WriteTransLog @object_type,@transaction_type,@num_of_cols_in_key,@list_of_key_cols_tab_del,@list_of_cols_val_tab_del, @error, @error_message
第三步 事务日志报表,在自定义报表中作如下定义
局限:
-- 1、由于SBO的原因,查询条件显示的不很友好,都是最后登录时间
-- 2、由于SBO的报表局限,无法实现深度关联查询
_declare@sd datetime, @ed datetime, @userid int
局限:
-- 1、由于SBO的原因,查询条件显示的不很友好,都是最后登录时间
-- 2、由于SBO的报表局限,无法实现深度关联查询
_declare@sd datetime, @ed datetime, @userid int
_select@sd=min(a.lastLogin) FROM OUSR a WHERE a.LastLogin>='[%0]'
_select@ed=max(b.lastLogin) FROM OUSR b WHERE b.LastLogin<='[%1]'
_select@userid=c.INTERNAL_K FROM OUSR c WHERE c.U_Name<='[%2]'
_select@ed=max(b.lastLogin) FROM OUSR b WHERE b.LastLogin<='[%1]'
_select@userid=c.INTERNAL_K FROM OUSR c WHERE c.U_Name<='[%2]'
_select@sd=__cast(Convert(nvarchar(10), IsNull(@sd, '2000-1-1'), 121) as datetime)
_select@ed=__cast(Convert(nvarchar(10), IsNull(@ed, getdate()), 121) + ' 23:59:59' as datetime)
_select@userid=IsNull(@userid,-100)
_select@ed=__cast(Convert(nvarchar(10), IsNull(@ed, getdate()), 121) + ' 23:59:59' as datetime)
_select@userid=IsNull(@userid,-100)
_selectTransTime 事务时间, TransUser 用户标识, User_Code 用户代码, U_NAME 用户名, b.TransType 事务代码, b.TransTable 事务表单, b.TransName 事务名称, a.TransType 事务类型, d.TransName 事务类型名称, KeyColumns 事务标识, KeyName 事务标识名称, KeyValues 事务标识值, case when Result=0 then N'成功' else N'失败:'+ErrNotes + N'[' + __cast(Result as nvarchar(20)) +']' end 事务结果
from fsTransLog a left join fsTransTable b on a.ObjectType=b.TransType
left join OUSR c on a.TransUser=c.INTERNAL_K
inner join fsTransType d on a.TransType=d.TransType
WHERE a.TransTime BETWEEN @sd AND @ed AND ( a.TransUser=@userid OR @userid=-100)
from fsTransLog a left join fsTransTable b on a.ObjectType=b.TransType
left join OUSR c on a.TransUser=c.INTERNAL_K
inner join fsTransType d on a.TransType=d.TransType
WHERE a.TransTime BETWEEN @sd AND @ed AND ( a.TransUser=@userid OR @userid=-100)
执行效果,进入到SBO查询分析器,执行上述查询分析代码,选择日志时段和日志对象,得到相应的结果如下:
