Re: How do you meet your audit requirement?

From: Lyndon Tiu <ltiu_at_alumni.sfu.ca>
Date: Thu, 26 Jun 2008 18:40:23 -0500
Message-ID: <486428E7.6020200@alumni.sfu.ca>


In the OS world, you would log to a syslog running on a different machine. This separate machine is supposedly harder to break into and alter the logs.

In the network world, you would monitor network traffic using a sniffer, a machine connected to the network hub (not a switch) without an ip address. The hub would relay all network traffic to this one sniffer box. But since the sniffer box does not have an ip address, it is harder (not impossible) to find and get to.

I wonder if there are such features in the DB world?

One way would be to store redo logs on a separate hardened machine. This way, all transactions are kept and auditable.

Also, have Oracle log to it's *.log and *.trc files on a separate machine.

Any other suggestions?

-- 
Lyndon Tiu
--
http://www.freelists.org/webpage/oracle-l
Received on Thu Jun 26 2008 - 18:40:23 CDT

Original text of this message