docs: Add logon trigger management guidance and improve clarity

Added practical SQL examples and documentation links for managing logon
triggers in response to customer feedback (UUF #288442). Customer reported
that the article mentioned disabling/dropping triggers but provided no
guidance on how to perform these actions.

Changes:
- Added 'Manage logon triggers' section with SQL examples for listing,
  disabling, and dropping triggers
- Added links to sys.server_triggers, DISABLE TRIGGER, DROP TRIGGER docs
- Added Related content section with trigger security documentation
- Improved clarity throughout for Acrolinx requirements (target: 80+)
- Replaced directional terms with specific references
- Converted passive voice to active voice
- Split complex sentences for better readability
- Defined SA acronym (system administrator)
- Updated ms.date to 02/06/2026
- Added ai-usage: ai-assisted metadata

Author: MikeRayMSFT

docs/relational-databases/errors-events/mssqlserver-17892-database-engine-error.md

@@ -4,7 +4,8 @@ description: "MSSQLSERVER_17892"
 author: suresh-kandoth
 ms.author: sureshka
 ms.reviewer: jopilov, mathoma
-ms.date: 08/20/2020
+ms.date: 02/06/2026
+ai-usage: ai-assisted
 ms.service: sql
 ms.subservice: supportability
 ms.topic: "reference"
@@ -27,7 +28,7 @@ helpviewer_keywords:
 
 ## Explanation
 
-Error 17892 is raised when a logon trigger code cannot execute successfully. [Logon Triggers](../triggers/logon-triggers.md) fire stored procedures in response to a LOGON event. This event is raised when a user session is established with an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)]. An error message like the following is reported to the user:
+Error 17892 is raised when a logon trigger code cannot execute successfully. [Logon Triggers](../triggers/logon-triggers.md) fire stored procedures in response to a LOGON event. This event is raised when a user session is established with an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)]. The following error message is reported to the user:
 
 > Msg 17892, Level 14, State 1, Server \<Server Name>, Line 1  
 Logon failed for login \<Login Name> due to trigger execution.
@@ -41,7 +42,7 @@ The problem could occur if there is an error when executing trigger code for tha
 
 ## User action
 
-You can use one of the resolutions below depending on the scenario you are in.
+You can use one of the following resolutions depending on your scenario:
 
 - **Scenario 1**: You currently have access to an open session to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] under an admin account
 
@@ -51,32 +52,56 @@ You can use one of the resolutions below depending on the scenario you are in.
 
   - Example 2: If an object referred to by the trigger code does exist but users do not have permissions, grant them the necessary privileges to access the object.  
 
-  Alternatively, you can just drop or disable the login trigger so that users can continue to log in to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)].  
+  Alternatively, you can just drop or disable the login trigger so that users can continue to log in to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)].
+
+### Manage logon triggers
+  
+List all logon triggers on your server:
+  
+  ```sql
+  SELECT name, is_disabled, create_date, modify_date
+  FROM sys.server_triggers
+  WHERE type_desc = 'LOGON';
+  ```
+  
+Disable a logon trigger temporarily without deleting it:
+  
+  ```sql
+  DISABLE TRIGGER trigger_name ON ALL SERVER;
+  ```
+  
+Drop (delete) a logon trigger permanently:
+  
+  ```sql
+  DROP TRIGGER trigger_name ON ALL SERVER;
+  ```
+  
+  For more information, see [Manage trigger security](../triggers/manage-trigger-security.md#trigger-security-best-practices).
 
 - **Scenario 2**: You do not have any current session that is open under admin privileges, but Dedicated Administrator Connection (DAC) is enabled on the [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)].
 
-    In this case, you can use the DAC connection to take the same steps as discussed in Case 1 since DAC connections are not affected by Login triggers. For more information on DAC connection, see:
+    In this case, you can use the DAC connection to take the same steps described in Scenario 1. Logon triggers don't affect DAC connections. For more information on DAC connection, see:
     [Diagnostic Connection for Database Administrators](../../database-engine/configure-windows/diagnostic-connection-for-database-administrators.md).
 
-    To check whether DAC is enabled on your [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)], you can check [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] error log for a message that is similar to the following:
+    To check whether DAC is enabled, review the [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] error log. Look for a message similar to this example:
 
     > 2020-02-09 16:17:44.150 Server Dedicated admin connection support was established for listening locally on port 1434.  
 
-- **Scenario 3**: You neither have DAC enabled on your server nor have an existing admin session to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)].
+- **Scenario 3**: DAC isn't enabled on your server, and you don't have an existing admin session to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)].
 
     In this scenario, the only way to remediate the problem would be to take the following steps:
 
     1. Stop [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] and related services.
-    2. Start [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] from the [command prompt](/previous-versions/sql/sql-server-2008-r2/ms180965(v=sql.105)) using the startup parameters `-c`, `-m`, and `-f`. Doing this disables the login trigger and lets you perform the same remedial measures that are discussed under **Case 1** above.
+    2. Start [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] from the [command prompt](/previous-versions/sql/sql-server-2008-r2/ms180965(v=sql.105)) using the startup parameters `-c`, `-m`, and `-f`. This action disables the login trigger and lets you perform the same remedial measures described in Scenario 1.
 
         > [!NOTE]
-        > The above procedure requires a *SA* or an equivalent administrator account.
+        > This procedure requires a system administrator (SA) or equivalent administrator account.
   
          For more information about these and other startup options, see: [Database Engine Service Startup Options](../../database-engine/configure-windows/database-engine-service-startup-options.md).
 
 ## More information
 
-Another situation where log on triggers fail is when using the `EVENTDATA` function. This function returns XML, and its case sensitive.  So, you create the following logon trigger, intending to block access based on IP address, you can  ran into the issue:
+Logon triggers can also fail when using the `EVENTDATA` function incorrectly. The `EVENTDATA` function returns XML and is case-sensitive. For example, if you create the following logon trigger to block access based on IP address, you might encounter error 17892 if the XML path uses incorrect casing:
 
 ```sql
  CREATE TRIGGER tr_logon_CheckIP  
@@ -95,10 +120,19 @@ Another situation where log on triggers fail is when using the `EVENTDATA` funct
  GO
 ```
 
-User didn't maintain case when copying this script from the internet on this part of the trigger:
+If you don't maintain proper case-sensitivity when copying this script, specifically in this part of the trigger, the trigger fails:
 
 ```sql
+-- Incorrect: lowercase 'event_instance' and 'clienthost' will cause EVENTDATA to return NULL
  SELECT EVENTDATA().value ( '(/event_instance/clienthost)[1]' , 'NVARCHAR(15)');
 ```
 
-As a consequence, `EVENTDATA` always returned **NULL**, and all their SA equivalent logins were denied access. In this case, the DAC connection was not enabled, so we had no choice but to restart the server with the startup parameters listed above to drop the trigger.
+As a consequence, `EVENTDATA` always returns **NULL**, and all SA equivalent logins are denied access. In this case, if the DAC connection isn't enabled, you need to restart the server with the startup parameters described earlier to drop the trigger.
+
+## Related content
+
+- [Logon Triggers](../triggers/logon-triggers.md)
+- [sys.server_triggers (Transact-SQL)](../../relational-databases/system-catalog-views/sys-server-triggers-transact-sql.md)
+- [DISABLE TRIGGER (Transact-SQL)](../../t-sql/statements/disable-trigger-transact-sql.md)
+- [DROP TRIGGER (Transact-SQL)](../../t-sql/statements/drop-trigger-transact-sql.md)
+- [Manage trigger security](../triggers/manage-trigger-security.md)