audit of cmd.exe overflow security log

  • The entries seen below are being created at least fifty times per second. It's causing the syslogs to become enormous and the security log to become useless because it scrolls relevant events.

    > A new process has been created:

    > New Process ID: 8872

    > Image File Name: C:\WINDOWS\system32\cmd.exe

    > Creator Process ID: 3692

    > User Name: sqladmin

    > Domain: BFPROD01

    > Logon ID: (0x0,0x10A748)

    > A process has exited:

    > Process ID: 8872

    > Image File Name: C:\WINDOWS\system32\cmd.exe

    > User Name: sqladmin

    > Domain: BFPROD01

    > Logon ID: (0x0,0x10A748)

    Does anybody know how this can be stopped from logging?

  • Haven't seen this. Perhaps there's a configuration setting in SQL Agent to log shell access? Or xp_cmdshell access? Or there's an issue running it that's tripping Windows auditing?

  • Thank you, that's what I am trying to find out, what configuration settings I may change to stop it from logging. I checked SQL AGENT properties and there is nothing about it there. Just don't know where to look. There is not much stuff about it on the websites.
