SQL Server Audit Log Event ID 24224

SourceSQL Server (LOGbinder SQL)
Action GroupDATABASE_OBJECT_PERMISSION_CHANGE_GROUP
Windows Security Log
Category
 • Subcategory
Object Access
 • Application Generated
Type Success

24224: Issued deny application role permissions with cascade command (action_id DWC class_type AR)

This is an event from SQL Server audit event from LOGbinder SQL generated by Action Group  DATABASE_OBJECT_PERMISSION_CHANGE_GROUP.

On this page

A command to deny permissions to an application role was issued, including cascade of permissions

Free Security Log Resources by Randy

Description Fields in 24224

FieldDescription
OccurredWhen event was reported by SQL Server
Authorization resultIf the command passed authorization checks
Session IDID of the session on which the event occurred
User
Server
DatabaseDatabase affected by the event
Target object
 IDTarget object ID
 NameTarget object name
 Permission bitmaskTarget object permission bitmask
StatementTransact-SQL statement

Setup PowerShell Audit Log Forwarding in 4 Minutes

 

Where Does This Event Come From?

This Event Is Produced By

Which Integrates with Your SIEM

Examples of 24224

Issued deny application role permissions with cascade command
A command to deny permissions to an application role was issued, including cascade of permissions
Action Group: DATABASE_OBJECT_PERMISSION_CHANGE_GROUP
Occurred: 8/22/2013 6:07:52.0000000 PM
Authorization result: Access allowed
Session ID: 67
User: LB\Administrator
Server: DEV3
Database: TestDatabase
Target Object
  ID: 9
  Name: TestAppRole
  Permission bitmask: System.Byte[]
Statement: DENY ALTER ON APPLICATION ROLE::[TestAppRole] TO [TestUser2] CASCADE

For more information, see http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=24224

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection

 

Upcoming Webinars
    Additional Resources

      Go To Event ID:

      Security Log
      Quick Reference
      Chart
      Download now!