How do you handle audit logging with SSRS?
Asked Answered
C

5

6

I have some reports in SQL Server Reporting Services 2005 that I need to keep audit logs for. The audit log should include who ran what report with what parameters. I can't use Windows authentication.

What is the best way to log this information?

Cavanagh answered 12/8, 2008 at 2:39 Comment(0)
S
5

The previous comments were dead on accurate that you can mine the data from the ReportServer ExecutionLog table in SQL Server 2000/2005 or the ExecutionLogStorage table in SQL Server 2008. If you are using form-based authentication to access the reports instead of windows authentication, then you are probably passing some unique UserID, CompanyID, CustomerID, or other value as a parameter in your reports. If this is the case, then the built-in table captures the parameters already. If you aren't passing the unique user identifier as a parameter, then you will probably need to rely on logging report executions in your application itself.

Scrubber answered 31/12, 2008 at 12:10 Comment(0)
B
2

Have a look at the ExecutionLog table in the ReportServer database. This contains information on who ran what report and with what parameters.

I'm not sure how this is going to work without Windows authentication though, as it'll have no way of knowing who's running what report.

Belinda answered 12/8, 2008 at 2:47 Comment(0)
S
2

Can you share some info on your authentication method?

MS provides some report samples that include everything you need to get started.

For SSRS 2005 http://www.codeplex.com/MSFTRSProdSamples/Wiki/View.aspx?title=SS2005!Server%20Management%20Sample%20Reports&referringTitle=Home

Many more report Samples. http://www.codeplex.com/MSFTRSProdSamples/

Simulcast answered 14/8, 2008 at 15:48 Comment(0)
S
1

From memory SSRS has built in logging for this exact situation

Shortchange answered 12/8, 2008 at 2:45 Comment(0)
L
0

If you are using a custom security extention, you will still be able to get all the info you need from the ExecutionLog table. Unless off-course if all your users uses a shared login, in which case you probably need to reconsider your architecture, depending on the importance of the audit log.

Leesaleese answered 11/9, 2008 at 6:17 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.