Menu
I have always wondered why in most examples/tutorials everyone stores the User's name in audit database columns such as CreatedBy/ModifiedBy.
In the back of my head I have always wondered, what if the system I am building will allow the user to change their username as long as it is not taken.
Wouldn't I want to store the user's Id in this case?
I really don't want this to be an opinion based question. So the kind of answer I expect is a situation when storing the user's name in audit columns is fine and a situation when storing the user's id in audit columns is fine.
403
Target. The results of an audit are sent to a target, which can be a file, the Windows Security event log, or the Windows Application event log.
Object ExplorerRight-click on the top-level object for a SQL Server connection, and select Activity Monitor.
Enabling SQL login auditing will help you detect insider and outsider threats in time to protect your SQL databases against data breaches. These capabilities are included in SQL Server audit services, but this is not a very convenient solution because truly suspicious events get buried in the huge amount of noise data.
There is no chance this isn't an opinion based question. However, consider what happens when you use the UserID. The next logical conclusion is to make a foreign key to the user table. Now you can't delete a user if they have an audit row.
Ok no biggie. Skip the foreign key and put in the UserID with no foreign key. Now how useful is the audit information if the User row is deleted? Especially if you have an identity or uniqueidentifier as your UserID. The value is now completely useless because to derive ANY value from it you have to join to your user table.
Now does it make sense why most of the time you see UserName instead of UserID?
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
