Re: audit select statements

Why FGA when simple auditing will do the trick??? Isn't this making it harder than it has to be? Or using a new feature when an old feature will do?

FGA will tell you when someone has accessed specific rows of data from a table. Regular auditing will let you know when someone has accessed a table for any row.

Cheers,
Brian

Pete Finnigan wrote:
>
> Hi Roger
>
> You cannot use triggers to capture the SQL from select statements. If
> you have 9i then you can use Fine Grained Auditing to capture select
> statements. You need to set up a predicate that will always match for
> the tables you wish to audit. The standard function captures the SQL
> statement.
>
> The only other more esoteric options are to read the SQL from the SGA
> but this can lead to you missing SQL and also reading a lot of SQL that
> is irrelevant. You can use standard audit features and capture who
> accessed a table with "select" but you won't get the SQL. You could turn
> on SQL Net tracing at support level and parse the SQL from the files.
> But this needs managing as a huge amount of trace will quickly fill your
> file system, you could also use a tool like snoop to capture network
> packets and parse them.
>
> This subject has been discussed a few times recently on this group and
> on Jareds list. FGA is your only sensible option if you wish to capture
> the SQL statement.
>
> hth
>
> kind regards
> Pete
> --
> Pete Finnigan
> email:pete_at_petefinnigan.com
> Web site: http://www.petefinnigan.com - Oracle security audit specialists
> Book:Oracle security step-by-step Guide - see http://store.sans.org for details.

-- 
===================================================================

Brian Peasland
dba_at_remove_spam.peasland.com

Remove the "remove_spam." from the email address to email me.


"I can give it to you cheap, quick, and good. Now pick two out of
 the three"