Is there a way to track changes done to SQL Server Agent jobs?
If you had a reason to believe somebody is playing around with your job settings. How would you proceed to track who did it and from where the changes were made to the individual job?
I'm thinking along the lines of extended events.
Best Answer
For sake of simplicity, I will assume that you want to track sysjobs, sysjobsteps and sysjobschedules. There may be other tables you want to monitor.
Option 1: SQL Audit (requires Enterprise Edition)
The data captured by the audit appears like this:
Option 2: Extended Events session
The data in the XE session appears like this:
Regarding this second option, I wrote a blog post on a similar subject (tracking object usage) where I describe the details of the technique. Basically, you can consider IX/X locks as updates to the underlying tables.
This session captures the bare minimum, but you can add more fields/actions to it to capture the sql text or the computer name or whatever makes sense for you.