|
|
Posted by Brian Selzer on 06/26/07 02:35
<nyathancha@hotmail.com> wrote in message
news:1182820095.745339.128220@e9g2000prf.googlegroups.com...
> On Jun 26, 10:29 am, "Tom Cooper"
> <tomcoo...@comcast.no.spam.please.net> wrote:
>> In addition to the other replies, I would add that foreign key
>> constraints
>> are just one of many tools thedatabasedesigner can use to help ensure
>> that
>> bad data does not get placed in yourdatabase. Other tools include check
>> constraints, using the right datatypes (eg, store dates in a datetime
>> column, not a varchar column), sometimes triggers, etc.
>>
>> So an important question is what the consequences will be if (when!, my
>> experience is if bad data can be put into adatabase, sooner or later, it
>> will be) invalid data is put into your audit table(s). That might range
>> from nobody really cares, to it's going to be a lot of work to fix it, to
>> somebody (you?) gets fired, to your company would be subject to a
>> significant fine, to somebody might go to prison (if, for example, your
>> audit trail is being used to prove compliance with SOX). So ask yourself
>> questions like what will happen if your boss comes to you and says the
>> audit
>> trail says that user x created project y at time z, but there is no
>> project
>> y in the system.
>>
>> I certainly have tables in databases I have designed that do not have any
>> foreign key relationships to other tables, but before implementing one, I
>> would always think carefully about it.
>>
>> Tom
>>
>> <nyathan...@hotmail.com> wrote in message
>>
>> news:1182755325.216207.318140@g37g2000prf.googlegroups.com...
>>
>> > Hi,
>>
>> > I have a question regarding best practices indatabasedesign. In a
>> > relationaldatabase, is it wise/necessary to sometimes create tables
>> > that are not related to other tables through a foreign Key
>> > relationship or does this always indicate some sort of underlying
>> > design flaw. Something that requires a re evaluation of the problem
>> > domain?
>>
>> > The reason I ask is because in our application, the user can perform x
>> > number of high level operations (creating/updating projects, creating/
>> > answering surveys etc. etc.). Different users can perform different
>> > operations and each operation can manipulate one or more table. This
>> > part of the system is done and working. Now there is a requirement to
>> > have some sort of audit logging inside thedatabase(separate from the
>> > text based log file that the application generates anyway). This
>> > "audit logging" table will contain high level events that occur inside
>> > the application (which may or may not relate to a particular
>> > operation). This table is in some sense related to every other table
>> > in thedatabase, as well as data that is not in thedatabaseitself
>> > (exceptions, external events etc.). For example : it might have
>> > entries that specify that at time x user created project y, at time A
>> > user filled out survey B, at time C LDAP server was down, At time D an
>> > unauthorized login attempt occurred etc.
>>
>> > As I said, these seems to suggest a stand alone, floating table with a
>> > few fields that store entries regarding whats going on the system
>> > without any direct relationship to other tables in thedatabase. But I
>> > just feel uneasy about creating such an isolated table. Another option
>> > is to store the "logging" information in another schema/database, but
>> > that doubles the maintainance work load. Not really looking forward to
>> > maintaining/designing two different schemas.
>>
>> > I had a look at the microsoft adventureworksdatabaseschema diagram
>> > and they seem to have 3 standalong tables - AWBuildVersion, ErrorLog
>> > and DatabaseLog (unless i am reading it wrong!)
>>
>> > Any advice, Information or resources are much appreciated.
>
> Thanks for the prompt replies everyone.
>
>>From what I am hearing, the consensus seems to be use it if you
> absolutely must, but try to avoid it if you can.
>
> One good point everyone seems to raise is "what is it used for?" ...
> To be perfectly honest I am not entirely sure myself. Its one of those
> requirements that filtered down from the management cloud. I think
> the view is to use it mainly for "reporting" kind of functionality and
> maybe only on some rare occasion for some sort of postmortem
> debugging. Although in the latter situation, the application logs and
> the sql server logs will probably end up being more helpful. I think
> there is a system table somewhere in sql server that logs all the
> transactions and changes that happen in the table right?
>
No. It doesn't. And depending on database options, the transaction log may
not contain a persistent record of changes either, not to mention that
special tools are required to read those logs.
It is sometimes important to determine who did what, when, where (from which
workstation), and how (with which application). It's easier to track down a
bug if you don't have to rely on what the user claims they did. It can also
be used to determine which users need additional training. A DBMS can only
guarantee that the result of a modification is consistent with respect to
the schema, it cannot determine whether or not a consistent modification is
also correct.
> Crystal reports were being considered at some stage for more
> sophisticated reports, but for now they want some sort of entries in
> there to see whats happening (not necessarily at the database level,
> but at the application level). The resolution of the reporting and
> entries hasn't been decided yet ... as in, do we want to know
> everytime someone retrieves a list of customers or only when someone
> adds/removes customers. I have a feeling that if I chase this up, the
> answer is going to be "both", "we may not want to start logging very
> detailed stuff into the database right away, but if at some stage we
> want to do it, the design should allow for it."
>
> So just thinking in terms of some sort of "reporting" solution, in
> abstract a sort of condensed data for easier consumption, does it make
> sense to store an isolated table(s)/schemas along with the actual
> data?
>
I think it all depends on the requirements. Logging consumes resources and
therefore impacts all database operations.
> As to the consequences of a bad audit trail/log entry, I don't think
> it would be catastrophic (fines, people going to prison etc.). Its an
> internal application used to streamline inhouse processes. But of
> course, we still don't want bad, inconsistent data in there and it
> would lead to a lot of headaches, finger pointings, late nights etc.
>
Actually, you DO want bad information in there. Nobody's perfect, and it's
easier to find and correct mistakes if you have a record of how they got
into the database in the first place.
>
>
Navigation:
[Reply to this message]
|