I need to keep track of every select,update,delete and insert of a certain mysql user.
I have try this solution .
I can see on localhost the general_log table that contains all the queries created by a mysql user. Anyway i have tried this solution on a shared machine and i obtain this message:
SELECT command denied to user for table 'general_log'
So my question is, there is a common (and compatible) behaviour to create a complete queries log in a web application ?
I have searched up and down for a solution and cannot find anything that helps. Everything that I have tried doesnt seem to work.
I have two database. I cannot modify Database A by adding a table or anything like that. I cannot enable cross-database access. I believe I cant use sp.Start_job because I need to pass parameters. I was able to enable xp_cmdshell.
My Database Definition:
Database A
- Order table
Database B
- Email notification Table
What I need to do:
Any time an order is entered into Database A, I need to enter a row into Database B with values of the order. So I need to have parameters
What I have tried:
- xp_cmdshell #query='DTEXEC /f "\\Server\Folder\SSIS Packages\Order confirmations\Order confirmations\Package.dtsx" /DECRYPT password'
1. I get an error saying access denied. I tried setting up sp_xp_cmdshell_proxy_account (##xp_cmdshell_proxy_account##) to an account that has access to the network drive where the file is stored, no luck.
2. whoami.exe shows NT/Authority \System instead of my proxy account.
3. GRANT EXECUTE on xp_cmdshell to [mydomain\myAccount] didnt have any affect.
Whoami Results
xp_cmdshell Results
Any suggestions? The job runs fine if I set it up with SQL Server Agent. Eventually I will just call xp_cmdshell from a trigger on Database A table Orders to enter the data into Database B and then fire off an email with sp_send_dbmail if some conditions are met.
The only way that I could currently find (Without resturcturing permissions in SQL and the network was to give read/execute permission to SQL server. Not my ideal solution, but it works.
Hope this helps someone
I have run delete query in my table on my local system
delete from table_name
Now i want to recover it. How can i do this Please help me. I am using php mysql. Please help me
Unfortunately, no. If you were running the server in default config, go get your backups (you have backups, right?) - generally, a database doesn't keep previous versions of your data, or a revision of changes: only the current state.
(Alternately, if you have deleted the data through a custom frontend, it is quite possible that the frontend doesn't actually issue a DELETE: many tables have a is_deleted field or similar, and this is simply toggled by the frontend.
Note that this is a "soft delete" implemented in the frontend app - the data is not actually deleted in such cases; if you actually issued a DELETE, TRUNCATE or a similar SQL command, this is not applicable.
I am getting the following error
Cannot execute as the database principal because the principal "dbo"
does not exist, this type of principal cannot be impersonated,
or you do not have permission.
I read about ALTER AUTHORIZATION, but I have no idea what database this is happening in. This error is getting spit out very frequently, and grows the error log by about 1GB every day.
I resolved this issue by setting database owner. My database did not have had any owner before this issue. Execute this command in your database to set owner to sysadmin account:
use [YourDatabaseName] EXEC sp_changedbowner 'sa'
Do Graphically.
Database right click-->properties-->files-->select database owner-->select [sa]-- ok
USE [<dbname>]
GO
sp_changedbowner '<user>' -- you can use 'sa' as a quick fix in databases with SQL authentication
KB913423 - You cannot run a statement or a module that includes the EXECUTE AS clause after you restore a database in SQL Server 2005
After restoring a Database from SQL2016 to SQL2019, I had the same issue when I try to access Database Diagrams. I had the correct Database owner already but owner of Files was empty. Once I set that, it worked properly...
This may also happen when the database is a restore from a different SQL server or instance. In that case, the security principal 'dbo' in the database is not the same as the security principal on the SQL server on which the db was restored.
Don't ask me how I know this...
another way of doing it
ALTER AUTHORIZATION
ON DATABASE::[DatabaseName]
TO [A Suitable Login];
Selected answer and some others are all good. I just want give a more SQL pure explanation. It comes to same solution that there is no (valid) database owner.
Database owner account dbo which is mentioned in error is always created with database. So it seems strange that it doesn't exist but you can check with two selects (or one but let's keep it simple).
SELECT [name],[sid]
FROM [DB_NAME].[sys].[database_principals]
WHERE [name] = 'dbo'
which shows SID of dbo user in DB_NAME database and
SELECT [name],[sid]
FROM [sys].[syslogins]
to show all logins (and their SIDs) for this SQL server instance. Notice it didn't write any db_name prefix, that's because every database has same information in that view.
So in case of error above there will not be login with SID that is assigned to database dbo user.
As explained above that usually happens when restoring database from another computer (where database and dbo user were created by different login). And you can fix it by changing ownership to existing login.
Under Security, add the principal as a "SQL user without login", make it own the schema with the same name as the principal and then in Membership make it db_owner.
Also had this error when accidentally fed a database connection string to the readonly mirror - not the primary database in a HA setup.
As the message said, you should set permission as owner to your user. So you can use following:
ALTER AUTHORIZATION
ON DATABASE::[YourDBName]
TO [UserLogin];
Hope helpful!
Leave comment if it's ok for you.
In my case I got this error when trying to impersonate as another user. E.g.
EXEC AS USER = 'dbo';
And as the database was imported from another environment, some of its users did not match the SQL Server logins.
You can check if you have the same problem by running the (deprecated) sp_change_users_login (in "Report" mode), or use the following query:
select p.name,p.sid "sid in DB", (select serp.sid from sys.server_principals serp where serp.name = p.name) "sid in server"
from sys.database_principals p
where p.type in ('G','S','U')
and p.authentication_type = 1
and p.sid not in (select sid from sys.server_principals)
If in that list shows the user you are trying to impersonate, then you probably can fix it by assigning the DB user to the proper login in your server. For instance:
ALTER USER dbo WITH LOGIN = dbo;
Go to the Properties - Files.
The owner name must be blank. Just put "sa" in the user name and the issue will be resolved.
How do I get access to the MySQL logs (primarily to take a look at the insert/update/delete statements) from an Amazon RDS instance?
Basically you have to enable the "general_log" parameter in the parameter group of your RDS instance
$ rds-modify-db-parameter-group mydbparametergroup --parameters "name=general_log,value=ON,method=immediate"
In case you did not apply the parametergroup to the instance:
$ rds-modify-db-instance mydbinstance --db-parameter-group-name mydbparametergroup
Then access your mysql instance using root:
mysql> select * from mysql.general_log;
See:
AWS Developer Forum - Re: general query log
AWS RDS - Working with DB Parameter Groups
EDIT: 4 years have past since I posted this answer, and it still seems valid. I hope someone from Amazon RDS documentation team would read it and update their documentation.
I had a really hard time to figure such a simple thing out, because all online information in this regard seems outdated including one in Amazon Docs. Amazon has obviously changed how you do things since now the default parameters cannot be modified, and you need to create a custom set of parameters in order to modify them, including general_log. It is an obvious bug that you can still click the Edit button for default parameters, but when you try to save them, you get an error that default parameters can't be changed.
How you do it now, is that in the Parameters Groups, click on Create DB Parameter Group, and create a new group and select the same DB in 'DB Parameter Group Family' as in the default parameter group. See the attached screen shot. Once done, it'll create a copy identical to the default parameter group. Now edit the parameters, e.g. change general_log to '1'. According to the Docs is should be '0' by default but it is neither '0' nor '1' by default.
Now save it, go back to your instance, click on 'Instance Actions', select 'Modify' and in the setting which will appear, change 'Parameter Group' to your new custom parameter group. It'll take a few moments to apply it, after which you'll need to restart your DB instance.
This is how it is till June 2014. But there is no guarantee that it'll stay like this in future too, since in the technology industry things keep getting updated too fast (many times unnecessarily) but documents and tutorials don't get updated as fast.