I've read a couple of online posts about the NT AUTHORITY\SYSTEM account, and they all seem to be centered around older versions of SQL Server (2005/2008), and it sounds like this account is automatically setup with sysadmin, and then people use it for running several SQL Server services.In our 2014 Cluster, it looks like this account has no rights at the instance or database level. But after the second of our 2 nodes in our cluster received the most recent security patch, I started seeing these messages in our error log once we failed over to the other node:[code]SQL Trace ID 2 was started by login "NT AUTHORITY\SYSTEM".SQL Trace stopped. Trace ID = '2'. Login Name = 'NT AUTHORITY\SYSTEM'.[code]So two things are odd. 1) Why did these just start (security patch is the most likely culprit, but why), and 2) how does this account have the privileges to start a trace, when it has no rights in the instance?Thanks,--=Chuck
↧