| title | Audit Login Change Property Event Class | |
|---|---|---|
| description | Audit Login Change Property Event Class | |
| author | WilliamDAssafMSFT | |
| ms.author | wiassaf | |
| ms.date | 03/14/2017 | |
| ms.service | sql | |
| ms.subservice | supportability | |
| ms.topic | reference | |
| helpviewer_keywords |
|
|
| monikerRange | =azuresqldb-current||>=sql-server-2016||>=sql-server-linux-2017||=azuresqldb-mi-current |
[!INCLUDE SQL Server Azure SQL Database Azure SQL Managed Instance] The Audit Login Change Property event class occurs when you use the sp_defaultdb stored procedure, the sp_defaultlanguage stored procedure, or the ALTER LOGIN statement to modify a property of a login.
| Data column name | Data type | Description | Column ID | Filterable |
|---|---|---|---|---|
| ApplicationName | nvarchar | Name of the client application that created the connection to an instance of [!INCLUDEmsCoName] [!INCLUDEssNoVersion]. This column is populated with the values passed by the application rather than the displayed name of the program. | 10 | Yes |
| ClientProcessID | int | ID assigned by the host computer to the process where the client application is running. This data column is populated if the client provides the client process ID. | 9 | Yes |
| DatabaseID | int | ID of the database specified by the USE database statement or the default database if no USE database statement has been issued for a given instance. [!INCLUDEssSqlProfiler] displays the name of the database if the ServerName data column is captured in the trace and the server is available. Determine the value for a database by using the DB_ID function. | 3 | Yes |
| DatabaseName | nvarchar | Name of the database in which the user statement is running. | 35 | Yes |
| EventClass | int | Type of event = 106. | 27 | No |
| EventSequence | int | Sequence of a given event within the request. | 51 | No |
| EventSubClass | int | Type of event subclass. 1=Default database changed 2=Default language changed 3=Name changed 4=Credential changed 5=Policy changed 6=Expiration changed |
21 | Yes |
| HostName | nvarchar | Name of the computer on which the client is running. This data column is populated if the client provides the host name. To determine the host name, use the HOST_NAME function. | 8 | Yes |
| IsSystem | int | Indicates whether the event occurred on a system process or a user process. 1 = system, 0 = user. | 60 | Yes |
| LoginName | nvarchar | Name of the login of the user (either the [!INCLUDEssNoVersion] security login or the [!INCLUDEmsCoName] Windows login credentials in the form of DOMAIN\username). | 11 | Yes |
| LoginSid | image | Security identification number (SID) of the logged-in user. You can find this information in the sys.server_principals catalog view. Each SID is unique for each login in the server. | 41 | Yes |
| NTDomainName | nvarchar | Windows domain to which the user belongs. | 7 | Yes |
| NTUserName | nvarchar | Windows user name. | 6 | Yes |
| ObjectName | nvarchar | Name of the object being referenced. | 34 | Yes |
| ObjectType | int | Value representing the type of the object involved in the event. This value corresponds to the type column in the sys.objects catalog view. For values, see ObjectType Trace Event Column. | 28 | Yes |
| OwnerName | nvarchar | Database user name of the object owner. | 37 | Yes |
| RequestID | int | ID of the request containing the statement. | 49 | Yes |
| ServerName | nvarchar | Name of the instance of [!INCLUDEssNoVersion] being traced. | 26 | No |
| SessionLoginName | nvarchar | Login name of the user who originated the session. For example, if you connect to [!INCLUDEssNoVersion] using Login1 and execute a statement as Login2, SessionLoginName shows Login1 and LoginName shows Login2. This column displays both [!INCLUDEssNoVersion] and Windows logins. | 64 | Yes |
| SPID | int | ID of the session on which the event occurred. | 12 | Yes |
| StartTime | datetime | Time at which the event started, if available. | 14 | Yes |
| Success | int | 1 = success. 0 = failure. For example, a value of 1 indicates success of a permissions check and a value of 0 indicates failure of that check. | 23 | Yes |
| TargetLoginName | nvarchar | For actions that target a login (for example, adding a new login), the name of the targeted login. | 42 | Yes |
| TargetLoginSid | image | For actions that target a login (for example, adding a new login), the security identification number (SID) of the targeted login. | 43 | Yes |
| TransactionID | bigint | System-assigned ID of the transaction. | 4 | Yes |
| XactSequence | bigint | Token used to describe the current transaction. | 50 | Yes |
sp_trace_setevent (Transact-SQL)
sp_defaultdb (Transact-SQL)
sp_defaultlanguage (Transact-SQL)