Home » RDBMS Server » Server Administration » CUSTOMIZED AUDITING
CUSTOMIZED AUDITING [message #201084] Thu, 02 November 2006 08:10
suvv
Messages: 17
Registered: October 2006
Junior Member
We are looking at solution alternatives for a 'customized auditing'requirement, whereby we with to log GRANT/REVOKE statements made. In addition to the columns that out-of-box Oracle auditing would provide through SYS.AUD$, and its associated views (eg: DBA_AUDIT_TRAIL), we wish to record 2 additional 'custom' attributes - (1) TicketID and(2) BusinessReason for making the privilege change. Our front-end
interface that issues the GRANTS and REVOKES provides for collecting the custom attribute values, which we currently 'store' by setting public property values in a package.Our initial idea was to write an After Insert trigger on SYS.AUD$, but ORA-04089 disallows this, and for good reason !!
We're now considering writing 'AFTER GRANT ON DATABASE' and 'AFTER REVOKE ON DATABASE' database event triggers. This certainly can be done. If possible, in addition to our TicketID and BusinessReason custom attributes, we'd like to record whatever columns are needed to allow for 'linking to' the associated SYS.AUD$ row that is written if appopriate Oracle auditing is turned on. In this way, we would have access to the detailed attributes captured in SYS.AUD$.

There are 2 fundamental questions:

1. Would the associated SYS.AUD$ rows be in the table at the time our database event triggers are being performed ?

2. What set of columns from SYS.AUD$ would support the 'linking' capability ?

Thank-you,
Previous Topic: Checkpoint Start Time & End Time
Next Topic: unable to allocate 4096 bytes of shared memory
Goto Forum:
  


Current Time: Sat Dec 03 20:34:03 CST 2016

Total time taken to generate the page: 0.09853 seconds