Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: audit response

Re: audit response

From: Tanel Poder <tanel_at_@peldik.com>
Date: Sat, 26 Jul 2003 02:02:56 +0300
Message-ID: <3f21b721_1@news.estpak.ee> 





Hi!



> For example, in 9i Release 2, you can audit SYS actions (set

> AUDIT_SYS_OPERATIONS=TRUE). That produces a trace file at the O/S level,

> and one presumes that it would be possible (and sensible) to arrange for

> the file to be written to a directory to which the DBA doesn't have

rights.



One problem is that when you're a DBA you can create a directory in Oracle
and mess the audit file up with utl_file or call some external library to do
other dark things...



One solution I've used is to run a tail -f on log file under root which
either saves copy of alert & audit logs to really secure directory not
accessible to oracle executables or even transports them to monitoring or
audit server using SSH.



Tanel.
Received on Fri Jul 25 2003 - 18:02:56 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US