Re: Auditing statements

From: David Fitzjarrell <oratune_at_yahoo.com>
Date: Wed, 3 Aug 2011 14:33:09 -0700 (PDT)
Message-ID: <1312407189.33411.YahooMailNeo_at_web65407.mail.ac4.yahoo.com>



Audit drop user;  -- addresses the schema drop (although it doesn't specify "unused")   I see no way to audit any autonomous transactions outside of instrumenting the code to populate a table.   You'll need to set  up audits for all create statements -- there is no 'blanket' audit for creates.  Same for drops and inserts, with the added criteria of "whenever not successful" to only capture failed inserts.  GRANTs also need to be individually audited (grant table , etc.) but this also audits REVOKEs.   There is no audit on starting/stopping the database because those operations are recorded in the alert log.   If anyone knows any differently I'll be happy to be proven wrong.     David Fitzjarrell From: P D <pdba1966_at_hotmail.com> To: oracle-l_at_freelists.org Sent: Wednesday, August 3, 2011 12:28 PM Subject: Auditing statements We have been asked by our security division to run these specific statements on a database for auditing purposes.   They don’t work.     These are 11.1.0.7 databases on Standard Edition.    Are there some other broad-based generic commands that can be run that will capture the purpose of what is listed here?     If they want it to capture information from every user in the database, wouldn’t we have to also explicitly state each user name, otherwise all we are really auditing is actions by the sys user since that is where the command is being run from?      Audit drop unused schemas Audit trap autonomous transactions Audit any create statement   Audit any drop statement Audit insert failures Audit grant any object Audit database start or stop
--
http://www.freelists.org/webpage/oracle-l
Received on Wed Aug 03 2011 - 16:33:09 CDT

Original text of this message