Re: How do you meet your audit requirement?
Date: Thu, 26 Jun 2008 17:10:01 -0700
Message-ID: <bf46380806261710la32d24uf6894f7becfbbfa6@mail.gmail.com>
Since you brought it up, I have considered trying to use some external
software to track the sysdba audit logs.
This could be done with standard object auditing as well, just set audit_trail=db.
No one has ever asked me to do this, so I have not attempted this.
Anyone here done auditing this way?
On Thu, Jun 26, 2008 at 4:40 PM, Lyndon Tiu <ltiu_at_alumni.sfu.ca> wrote:
> In the OS world, you would log to a syslog running on a different machine.
> This separate machine is supposedly harder to break into and alter the logs.
>
> In the network world, you would monitor network traffic using a sniffer, a
> machine connected to the network hub (not a switch) without an ip address.
> The hub would relay all network traffic to this one sniffer box. But since
> the sniffer box does not have an ip address, it is harder (not impossible)
> to find and get to.
>
> I wonder if there are such features in the DB world?
>
> One way would be to store redo logs on a separate hardened machine. This
> way, all transactions are kept and auditable.
>
> Also, have Oracle log to it's *.log and *.trc files on a separate machine.
>
> Any other suggestions?
>
>
> --
> Lyndon Tiu
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist -- http://www.freelists.org/webpage/oracle-lReceived on Thu Jun 26 2008 - 19:10:01 CDT