SQL Server Audit Log Event ID 24144
24144: Issued an impersonate within server scope command (action_id IMP; class_type LX)
This is an event from
SQL Server
audit event from
LOGbinder SQL
generated by
.
On this page
A command to switch the execution context of the session to the specified server login was issued
Free Security Log Resources by Randy
| Field |
Description |
| Occurred |
When event was reported by SQL Server |
| Authorization result |
If the command passed authorization checks |
| Session ID |
ID of the session on which the event occurred |
| User |
|
| Server |
|
| Original context |
|
| |
Login |
Original context login |
| Target context |
|
| |
ID |
Target context ID |
| |
Login |
Target context login |
| Statement |
Transact-SQL statement |
Supercharger Free Edition
Supercharger's built-in Xpath filters leave the noise behind.
Free.
This Event Is Produced By
Which Integrates with Your SIEM
Issued an impersonate within server scope command
A command to switch the execution context of the session to the specified server login was issued
Action Group: SERVER_PRINCIPAL_IMPERSONATION_GROUP
Occurred: 8/22/2013 6:07:52.0000000 PM
Authorization result: Access allowed
Session ID: 67
User: LB\Administrator
Server: DEV3
Original Context
Login: LB\Administrator
Target Context
ID: 274
Login: TestLogin3
Statement: ALTER AUTHORIZATION ON DATABASE::[TestDatabase] TO [TestLogin3]
For more information, see http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=24144
Top 10 Windows Security Events to Monitor
Free Tool for Windows Event Collection