Re: Trap SQL statements in network traffic instead of database

From: Sandra Becker <>
Date: Fri, 11 Aug 2017 15:15:57 -0600
Message-ID: <>

I left out the part where he doesn't want to spend any money. I'll take a look at the product anyway. We may be able to leverage it for some other troubleshooting activities.



On Fri, Aug 11, 2017 at 2:54 PM, Martin Berger <> wrote:

> Oracle has a Product called
> Oracle Database Firewall.
> I never tested it, but it promises all your manager asks for.
> database-firewall/index.html
> As always, if it sounds promising, make your lawyer talk to oracle sales
> ....
> ^∆x
> On 11 Aug 2017 22:44, "Sandra Becker" <> wrote:
>> We need to produce a "log" of sql statements--along with the user, IP (or
>> host) they are coming from, and the sql statement--for another team to
>> analyze. My manager does not want to user auditing because of the
>> uncertainty of the load on this critical database. He suggested doing a
>> SPAM port capture. I opened a ticket with our SAs and they wanted to know
>> what ports. I gave them the listener ports. The SA ran a tcpdump (said it
>> was verbose), but it didn't give any information on users, app servers, or
>> sql statements. I really don't know what I'm doing here, just passing
>> information between my manager and SAs. So, questions:
>> 1. Will tcpdump give me what my manager is asking for? If yes, what are
>> the options the SA should use?0
>> 2. Is there a better way to retrieve this information without using
>> database auditing?
>> Any assistance you can provide will be greatly appreciated.
>> --
>> Sandy B.

Sandy B.

Received on Fri Aug 11 2017 - 23:15:57 CEST

Original text of this message