I have a full chain of full backups and log backups. I am looking to investigate exactly what transaction was done by a certain user in a given period of time.
The database (thus all backups) are encrypted by TDE. Tools such as ApexSQL Log does not work on TDE-encrypted data source. Is there any way I can analyze the log file to find out the information I want?
I can run fn_dump_dblog which gives me some information, however I cannot retrieve the exact information on what was changed, such as what column was changed to what value.
Best Answer
Do you have database audit in place? temporary tables? If you have one of these solutions in place, it can be done relatively easy.
If no, you can use undocumented functions
fn_dump_dblog()to analyze log backup contents.hope this helps!