Seeking feedback on a new row-level DB auditing tool (built by a DBA)

2 points by nitin_flanker 18 hours ago

Hello Hackers!

Me and my co-founder has built a platform - SqlSafekeep ( https://sqlsafekeep.com) which is a row-level database data monitoring tool (not traditional database activity monitoring (DAM))

SqlSafeKeep captures every transaction row-by-row as it happens inside any SQL Server, then raises those changes into a cloud dashboard that anyone from a developer to a compliance officer can search in seconds.

It captures every single row-level change (UPDATE, INSERT, DELETE) and writes it to an immutable, off-host log in real-time. Think of it as a perfect, unbreakable data lineage for every transaction. It's designed to answer questions like:

* "Who changed the price on this product row at 9 PM on Sunday?"

* "What was the exact state of this customer record before the production bug corrupted it?"

* "Our senior DBA just left; what kind of critical changes was she making that we need to know about?"|

It's zero-code to set up and has a simple UI (we call it the Lighthouse) so that you can give your compliance folks or even devs a way to get answers without having to give them direct DB access.

The Ask: We Need Your Brutal Honesty

We need your unfiltered feedback to help us shape the roadmap. Tell us what's genius, what's garbage, what's missing, and how it would (or wouldn't) fit into your real-world workflow.

If you feel you have more to share, I am also looking to find design partners. I would like to offer you a free, unlimited access to the platform.

The Origin Story:

My co-founder was a DBA and architect for military contractors for over 15 years. He ran into a situation where a critical piece of data was changed in a production SQL Server database, and by the time anyone noticed, the logs had rolled, and the nightly backups were useless. There was no way to definitively prove who changed what, when, or what the original value was. It was a nightmare of forensics and finger-pointing.

He figured there had to be a better way than relying on complex log parsing or enterprise DAMs that cost a fortune and take months to deploy.

In case if you have more questions or want to talk in person, let me know in comments.

scientific_ass 17 hours ago

If I’m building a system that needs a full audit trail, what exactly am I gaining from your approach vs just doing insert-only rows with metadata (version, timestamp, user etc)? I mean, besides a nicer UI?

Also, when you say “immutable, off-host” — are we talking like another SQL Server instance on a diff machine? Or something else entirely?

And can this be queried directly with SQL too? Or is it locked behind some API/UI?

  • sqlsafekeep 14 hours ago

    Hey, appreciate the thoughtful questions — you’re asking exactly the right things.

    ??? “What exactly am I gaining from your approach vs just doing insert-only rows with metadata?”

    --- Short answer:

    You're skipping 3–5 days of implementation and months of future pain — and replacing it with a 1-minute install that works across all your SQL Server databases, out of the box.

    --- Longer answer:

    Sure, you could roll your own audit trail — insert-only pattern, version columns, triggers, etc. But in practice, across dozens (or hundreds) of databases, that gets messy fast. Every table structure is different. You’ll need custom scripts per DB. Version control is painful. Permissions get tricky. Debugging requires deep institutional knowledge. Not to mention… good luck making that GDPR/HIPAA/FDA-compliant in a way that auditors actually trust.

    SqlSafeKeep:

    1. Auto-generates a dedicated audit database and Lighthouse dashboard per app DB 2. Tracks every INSERT/UPDATE/DELETE row-level change — no code changes needed 3. Gives you instant lineage for any record, like: "How did this field get this value? What was it before? Who changed it and when?" 4. Surfaces changes visually, lets you search changes across databases, and offers a UI and raw SQL access 5. Reduces the typical 9-step debug workflow down to 2 steps (No breakpoints, no spelunking through controller code or stale logs)

    Example: just last week, a customer hit a bug in code I hadn’t touched in years. Pre-audit, I’d be in debugger hell for 45 minutes. With SqlSafeKeep, I saw the DB change, traced it back to a controller in 2 minutes, fixed it with confidence — zero breakpoints needed!!!!!!!

    ??? “Off-host” = different SQL Server instance?

    --- Not necessarily. We spin up a separate audit DB and audit-Lighthouse DB on your same SQL Server host, locked down to a minimum-permissions service account. These are append-only, write-only from our triggers, read-only for you. The goal is immutability + isolation without needing extra infra.

    ??? “Can I query it directly in SQL?”

    --- Yes. 100%. Nothing is hidden behind API walls. You can build your own tools, do reporting, or plug into your data pipelines. Think of it as structured time-series logs per table, per operation, per row — fully queryable.

    ---------------------------------------------------------------------------------------------------------------------------------------

    We're looking for early adopters to give feedback and try it out. Would you be open to a free trial or demo? Worst case, you walk away with a bulletproof audit DB infrastructure for your app — no strings attached.

    Let me know, happy to show it off. Appreciate the dialogue — it helps us make this stronger.