Re: Audit Log Exporting to 3rd party applications

From: Paul Drake <bdbafh_at_gmail.com>
Date: Wed, 8 Jul 2015 15:55:01 -0400
Message-ID: <CAPptggXZF+aMjkx0wfyzGXp1MXneHHsrCV-nvbwtSMH5PWJARA_at_mail.gmail.com>



Syslog-ng ?
That has a dependency of having Cygwin installed but you might already run that for an ssh server.
On Jul 8, 2015 3:48 PM, "Jeff Chirco" <backseatdba_at_gmail.com> wrote:

> Well I am running on Windows so syslog wont work. :( I guess now I am
> wondering if most people just leave the audit logs in the database? Or do
> you offload them to another database instead of importing them into
> Splunk. I think I have a small enough environment that I might be able to
> get away with the free limit of 500mb day of data.
>
> Thank you
> Jeff
>
> On Tue, Jul 7, 2015 at 7:08 PM, Connor McDonald <mcdonald.connor_at_gmail.com
> > wrote:
>
>> Splunk is good....but pricey as the data volumes grow :-)
>>
>> If you google for "splunk alternatives" there are various open source
>> equivalents, although they are often combinations of products to deliver
>> something equivalent to splunk.
>>
>> So you're possibly trading money for complexity.
>>
>>
>> Cheers,
>> Connor
>>
>> On Wed, Jul 8, 2015 at 6:15 AM, Jeff Chirco <backseatdba_at_gmail.com>
>> wrote:
>>
>>> Hi all,
>>> I don't think I ever got a response from anyone about this question
>>> which is fine but I guess I am now just curious what you do for your audit
>>> logs. Do you leave them in your database? Maybe move them to another table?
>>>
>>> Thank you
>>> Jeff
>>>
>>> On Mon, Jun 15, 2015 at 10:18 AM, Jeff Chirco <backseatdba_at_gmail.com>
>>> wrote:
>>>
>>>> I am looking into pulling database audit logs from the database and
>>>> store in a separate application. I want to pull audit trail tables, data
>>>> vault audit tables, alert log, and whatever else.
>>>>
>>>> I know about Splunk and have started looking at it but was wondering if
>>>> there are other alternatives. Maybe simpler solutions and not super
>>>> expensive. I only have a couple servers to look at.
>>>>
>>>> Oh and all Windows Server 2008 running 11.2
>>>>
>>>> Thank you,
>>>> Jeff
>>>>
>>>
>>>
>>
>>
>> --
>> Connor McDonald
>> ===========================
>> blog: connormcdonald.wordpress.com
>> twitter: _at_connor_mc_d
>>
>> "If you are not living on the edge, you are taking up too much room."
>> - Jayne Howard
>>
>> *Fine print: Views expressed here are my own and not necessarily that of
>> my employer*
>>
>
>

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Jul 08 2015 - 21:55:01 CEST

Original text of this message