| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Username with failed login
On 8/15/05, Mike Schmitt <mschmitt_at_uchicago.edu> wrote:
>
> Hi All,
>
> I am trying to catch failed login attempts by using an after servererror
> database trigger. We would like to be able to catch the username that is
> being provided with these attempts, but so far I haven't had any luck.
>
> Is is possible to capture the name that was provided as part of the logon
> attempt and record that information, or do we have to use a different
> method?
>
> The edited trigger/proc we are using look like the following (We are using
> 9.2.0.4):
>
>
Mike,
Instead of coding this by hand, why not just leverage the provided functionality?
SQL> show parameter audit_trail
NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ audit_trail string TRUE
SQL> audit session whenever not successful;
Audit succeeded.
SQL> connect notauser/notmypass_at_mydb
ERROR:
ORA-01017: invalid username/password; logon denied
Warning: You are no longer connected to ORACLE.
after reconnecting with a prvileged account:
1 select username, userhost, returncode
2 from dba_audit_session
3 where timestamp>sysdate-1/24
4* and username='NOTAUSER'
SQL> /
USERNAME USERHOST RETURNCODE --------------- ------------------------------ ---------- NOTAUSER MYDOMAIN\MYDESKTOP 1017
hth.
Pd
-- http://www.freelists.org/webpage/oracle-lReceived on Mon Aug 15 2005 - 13:43:50 CDT
 |
 |