RE: setting of audit_trail initialization parameter
Date: Tue, 21 May 2013 13:29:17 -0500
Message-ID: <A4B582B1B91D3C4D956D8880535CC098130505F5FF_at_MAIL.solutionary.com>
Each has significant advantages and disadvantages. I have worked extensively with all of them since 8i (or whenever they became available) as we have some clients that insist on one or another. A few highlights...
OS: Contains the least information, rather more difficult to parse and report on, easy to secure with syslog, possible to secure otherwise (group ownership of AUDIT_FILE_DEST is not the OSDBA group and DBAs do not routinely log in as the software owner), least performance impact, etc.
DB: More complete information, easy to report on and "parse", most difficult to secure the audit trail, highest performance penalty, ...
XML: More complete information, same security issues as OS files, many serious and sometimes crippling bugs (in 10g especially it is nearly unusable), performance impact similar to but slightly larger than with OS files, ...
OS+syslog is preferred in many situations- primarily since it has inherent protection for the audit trail.
Don Granaman | Ph: 402-361-3073 | Cell: 402-960-6955 | Solutionary - Relevant | Intelligent | Security
-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Jeffrey Beckstrom
Sent: Tuesday, May 21, 2013 8:09 AM
To: oracle-l-freelist
Subject: setting of audit_trail initialization parameter
I know what the docs say but what do people really set this to; DB, OS or XML and why?
Jeffrey Beckstrom
Database Administrator
Greater Cleveland Regional Transit Authority Information Systems
1240 W. 6th Street
Cleveland, Ohio 44113
TXT:SEG
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l
Received on Tue May 21 2013 - 20:29:17 CEST