SQL Server Audit Log Event ID 24285

SourceSQL Server (LOGbinder SQL)
Action GroupDatabase-level_audit_actions
Windows Security Log
 • Subcategory
Object Access
 • Application Generated
Type Success

24285: Issued execute command (action_id EX)

This is an event from SQL Server audit event from LOGbinder SQL generated by Action Group  Database-level_audit_actions.

On this page

An execute command was issued on a database

Free Security Log Resources by Randy

Description Fields in 24285

Field Description
Occurred When event was reported by SQL Server
Authorization result If the command passed authorization checks
Session ID ID of the session on which the event occurred
Database Database affected by the event
Target object  
  ID Target object ID
  Name Target object name
  Type Target object type
Is column permission Flag indicating a column level permission
Permission bitmask When applicable, shows the permissions that were granted, denied, or revoked
Schema Schema context in which the action occurred
Statement Transact-SQL statement

Setup PowerShell Audit Log Forwarding in 4 Minutes


Where Does This Event Come From?

This Event Is Produced By

Which Integrates with Your SIEM

Examples of 24285

Issued execute command
An execute command was issued on a database
Action Group: Database-level audit actions
Occurred: 7/29/2013 4:17:58.0000000 PM
Authorization result: Access allowed
Session ID: 67
User: LB\Administrator
Server: DEV3
Database: TestDatabase
Target Object
  ID: 293576084
  Name: EmployeeList
  Type: Stored procedure
Is column permission: False
Permission bitmask: System.Byte[]
Schema: dbo
Statement: EXEC EmployeeList

For more information, see http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=24285

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection


Upcoming Webinars
    Additional Resources