主页 / dba / 问题 / 118281
Accepted
BateTech
Asked: 2015-10-17 07:12:33 +0800 CST

如何捕获 sp_refreshsqlmodule 事件

  • 772

我的问题:执行sp_refreshsqlmodule将更新sys.objects.modify_date值,但不会触发可由 DDL 触发器使用的 DDL 事件。因此,如果使用 DDL 触发器来显示对象更改历史记录,我无法调和过程、函数等在没有针对对象运行语句modify_date时会有最近的原因。ALTER这可能会在审核期间引起一些麻烦。

我的问题:有没有什么方法可以捕获sp_refreshsqlmodule事件,以便我可以有一种自动的方式来协调modify_date数据库对象?

我能够找到 SQL Server 2008 的这个连接项https://connect.microsoft.com/SQLServer/feedback/details/340441/sp-autostats-and-other-system-procedures-does-not-fire-ddl- triggers,用评论标记为关闭:

我们认为为 SQL Server 2008 修复此问题并不重要。我们肯定会在之后的版本中考虑它

我也能够在 SQL Server 2014 中复制该问题。

复制问题的 SQL 脚本:

IF OBJECT_ID('dbo.test_DDL_log ') IS NOT NULL
DROP TABLE dbo.test_DDL_log; 
GO

CREATE TABLE dbo.test_DDL_log (id int not null identity primary key, DDL_EventData xml, dateCreated datetime, contextInfo varchar(128));
go

CREATE TRIGGER [TEST_ddlDatabaseTriggerLog] 
ON DATABASE 
FOR DDL_DATABASE_LEVEL_EVENTS 
AS 
--Log all DDL operations on this database to an audit table.
BEGIN
    SET NOCOUNT ON;

    INSERT INTO dbo.test_DDL_log(DDL_EventData, dateCreated, contextInfo)
    VALUES (
          EVENTDATA()
        , GETDATE()
        , REPLACE(CAST(CONTEXT_INFO() AS VARCHAR(128)), CHAR(0), '')
    );
END
GO 

--Context info used in DDL trigger to tie to build and/or Support Ticket # to this change
DECLARE @c varbinary(128);
SET @c=cast('Ticket 123 v1.2.345' as varbinary(128));
SET CONTEXT_INFO @c;
GO

--Repro Example taken from:  https://msdn.microsoft.com/en-us/library/bb326754.aspx
-- Create an alias type.
IF EXISTS (SELECT 'TEST_mytype' FROM sys.types WHERE name = 'TEST_mytype')
DROP TYPE TEST_mytype;
GO

CREATE TYPE TEST_mytype FROM nvarchar(5);
GO

IF OBJECT_ID ('dbo.TEST_to_upper', 'FN') IS NOT NULL
DROP FUNCTION dbo.TEST_to_upper;
GO

CREATE FUNCTION dbo.TEST_to_upper (@a TEST_mytype)
RETURNS TEST_mytype
WITH ENCRYPTION
AS
BEGIN
RETURN upper(@a)
END;
GO

-- Increase the length of the alias type.
EXEC sp_rename 'TEST_mytype', 'TEST_myoldtype', 'userdatatype';
GO

CREATE TYPE TEST_mytype FROM nvarchar(10);
GO

---- The function parameter still uses the old type.
-- and would Fail here because of truncation:
--SELECT dbo.TEST_to_upper('abcdefgh'); 
GO

select modify_date_BEFORE = o.modify_date
from sys.objects o 
where o.name = 'TEST_to_upper'
;
go

WAITFOR DELAY '00:00:05'; --allow some time to elapse so that modify_date change is more noticable
GO

-- Refresh the function to bind to the renamed type.
EXEC sys.sp_refreshsqlmodule 'dbo.TEST_to_upper';
go

select modify_date_AFTER = o.modify_date
from sys.objects o 
where o.name = 'TEST_to_upper'
;
go

--only 4 events show here, NOT included the call to sp_refreshsqlmodule which updated the modify_date
SELECT * from dbo.test_DDL_log;
go

--CLEANUP 
IF OBJECT_ID ('dbo.TEST_to_upper', 'FN') IS NOT NULL
DROP FUNCTION dbo.TEST_to_upper;
GO
IF EXISTS (SELECT 'TEST_myoldtype' FROM sys.types WHERE name = 'TEST_myoldtype')
DROP TYPE TEST_myoldtype;
GO
IF EXISTS (SELECT 'TEST_mytype' FROM sys.types WHERE name = 'TEST_mytype')
DROP TYPE TEST_mytype;
GO
if exists(select 1 from sys.triggers t where t.name = 'TEST_ddlDatabaseTriggerLog')
DROP TRIGGER [TEST_ddlDatabaseTriggerLog] ON DATABASE
GO

IF OBJECT_ID('dbo.test_DDL_log ') IS NOT NULL
DROP TABLE dbo.test_DDL_log; 
GO

该脚本的结果显示:

modify_date_BEFORE
-----------------------
2015-10-16 10:59:10.447

modify_date_AFTER
-----------------------
2015-10-16 10:59:15.487

id          DDL_EventData                                                                                         dateCreated             contextInfo
----------- ------------------------------------------------------------------------------------------------ -------------------------    ------------------------
1           <EVENT_INSTANCE><EventType>CREATE_TYPE</EventType><PostTime>2015-10-16T10:59:10.443</PostTime>....... 2015-10-16 10:59:10.443 Ticket 123 v1.2.345
2           <EVENT_INSTANCE><EventType>CREATE_FUNCTION</EventType><PostTime>2015-10-16T10:59:10.447</PostTime>... 2015-10-16 10:59:10.447 Ticket 123 v1.2.345
3           <EVENT_INSTANCE><EventType>RENAME</EventType><PostTime>2015-10-16T10:59:10.450</PostTime>............ 2015-10-16 10:59:10.450 Ticket 123 v1.2.345
4           <EVENT_INSTANCE><EventType>CREATE_TYPE</EventType><PostTime>2015-10-16T10:59:10.453</PostTime>....... 2015-10-16 10:59:10.453 Ticket 123 v1.2.345

的事件sp_refreshsqlmodule无处可寻,所有记录的事件都在sp_refreshsqlmodule2015-10-16 10:59:15.487 时间之前(注意:我在上面的脚本中调用之前延迟了 5 秒sp_refreshsqlmodule以使其成为更值得注意的是此事件未被记录)。

sql-server trigger

2 个回答

  1. Best Answer

    不幸的是,有几个 DDL 类型的事件实际上并不算作与 DDL 触发器、事件通知等一起使用的 DDL 事件。

    sp_refreshsqlmodule您可以使用以下扩展事件会话捕获呼叫:

    CREATE EVENT SESSION [refreshes] ON SERVER 
ADD EVENT sqlserver.module_end
(
  SET collect_statement = (1)
  ACTION
  (
     sqlserver.client_app_name, 
     sqlserver.client_hostname,
     sqlserver.database_id,
     sqlserver.database_name,
     sqlserver.username,
     sqlserver.context_info
  )
  WHERE ([object_id] = -419385653) -- OBJECT_ID(N'sys.sp_refreshsqlmodule')
)
ADD TARGET package0.asynchronous_file_target
(
  SET FILENAME = N'C:\temp\refreshes.xel'
);
GO

ALTER EVENT SESSION [refreshes] ON SERVER STATE = START;
GO

    您可能需要收集一组不同的审计列;这些大多只是从我的类似会议中借来的。您可能还想为sp_refreshview重新编译和统计信息更新等可能的其他事件添加一个额外的过滤器(我不知道所有可能会更改modify_date但未被捕获为正确的 DDL 事件的过程调用)。

    现在,会话将仅捕获数据。您可以像这样手动检查它:

    ;WITH ee_data AS 
(
  SELECT x = CONVERT(XML, event_data)
    FROM sys.fn_xe_file_target_read_file
    (N'C:\temp\refreshes*.xel', NULL, NULL, NULL)
)
SELECT 
  [statement] = x.value('(event/data[@name="statement"]/value)[1]','nvarchar(4000)'),
  [timestamp] = x.value('(event/@timestamp)[1]','datetime2'),
  --username = x.value('(event/action[@name="username"]/value)[1]','nvarchar(400)'),
  --[host] = x.value('(event/action[@name="client_hostname"]/value)[1]','nvarchar(400)'),
  --app = x.value('(event/action[@name="client_app_name"]/value)[1]','nvarchar(400)')
  -- you'll have to add the xquery stuff to get context_info
FROM ee_data;

    示例输出:

    statement                                      timestamp
--------------------------------------------   ---------------------------
EXEC sys.sp_refreshsqlmodule N'dbo.someview'   2015-10-16 16:45:35.6220000

    您必须解析出对象名称,并将信息放入您自己的 XML 格式以匹配EVENTDATA(). 另请注意,这timestamp是 UTC 时间,而不是您的本地时间,因此您需要调整它以便与modify_date(继承服务器时间)进行有效比较。modify_date在我的例子中,和之间的差异timestamp是 6 毫秒,因此会话不会记录对象被修改的确切时刻 - 您需要留出一点余地来“匹配”这两个值。

    然后,您需要将最终得到的任何代码放入某种作业中,以轮询文件目标以获取新行(您可以考虑为此使用查询通知以避免轮询,但轮询要简单得多),并将它们插入您的DDL 审计表。

    • 2

  2. @AaronBertrand上面的回答适用于 SQL 2014(也可能适用于 SQL 2012,尽管我没有要测试的 2012 实例)。

    但是,如果使用 SQL Server 2008 R2,那么在创建事件会话时必须删除以下行,因为它们会导致以下错误:

    SET collect_statement = (1) --error: Msg 25629, Level 16, State 1, For event, "sqlserver.module_end", the customizable attribute, "collect_statement", does not exist.
sqlserver.database_name  --within the ACTION block. Error: Msg 25623, Level 16, State 3, The event action name, "sqlserver.database_name", is invalid, or the object could not be found
sqlserver.context_info   --within the ACTION block. Error: Msg 25623, Level 16, State 3, The event action name, "sqlserver.context_info", is invalid, or the object could not be found

    由于SET collect_statement在 SQL 2008 R2 中不起作用,因此您必须添加sqlserver.sql_textAction列表中,并且解析传入的对象名称的代码sp_refreshsqlmodule需要能够处理批量运行的多个语句。

    同样在 SQL2008R2 中,在对 的where子句中的 OBJECT_ID 值进行过滤时CREATE EVENT SESSION,您必须对这些系统对象使用正数 object_id#,即使object_id# 实际上是负数。我猜这是因为在 SQL 2008 R2 中,扩展事件在uint32内部用于object_id.

    这是 SQL 2008 R2 的脚本:

    CREATE EVENT SESSION [audit_sp_refreshes] ON SERVER 
--SQL SERVER 2008 R2 version
ADD EVENT sqlserver.module_end
(
  ACTION
  (
     sqlserver.client_app_name, 
     sqlserver.client_hostname,
     sqlserver.database_id,
     sqlserver.sql_text,
     sqlserver.username
  )
  WHERE 
    (
        --Must use POSITIVE object_id #'s here in SQL 2008 R2, even though the object_ids are actually negative
             [object_id] = 419385653  -- OBJECT_ID(N'sys.sp_refreshsqlmodule')
    ) 
)
ADD TARGET package0.asynchronous_file_target
(
  SET FILENAME = N'C:\TEMP\ExtendedEventLogs\audit_sp_refreshes.xel'
);
GO

ALTER EVENT SESSION [audit_sp_refreshes] ON SERVER STATE = START;
GO
    • 2

相关问题