Re: Trap SQL statements in network traffic instead of database

From: Stefan Koehler <>
Date: Sat, 12 Aug 2017 10:09:51 +0200 (CEST)
Message-ID: <>

Hello Sandy,
no need to purchase any fancy product - AFAIK you are running Oracle on Linux and so you can do all of that with Linux.

Getting the SQL statements (and any other metadata) with SystemTap: * *

Just modify the scripts according to your needs (e.g. logging in a particular format) and that's it :)

P.S.: The overhead is also very little as you only probe on specific C functions (and not all).

Best Regards
Stefan Koehler

Independent Oracle performance consultant and researcher Website:
Twitter: _at_OracleSK

> Sandra Becker <> hat am 11. August 2017 um 22:43 geschrieben:
> We need to produce a "log" of sql statements--along with the user, IP (or host) they are coming from, and the sql statement--for another team to analyze.  My manager does not want to user auditing because of the uncertainty of the load on this critical database.  He suggested doing a SPAM port capture.  I opened a ticket with our SAs and they wanted to know what ports.  I gave them the listener ports.  The SA ran a tcpdump (said it was verbose), but it didn't give any information on users, app servers, or sql statements.  I really don't know what I'm doing here, just passing information between my manager and SAs.  So, questions:
> 1.  Will tcpdump give me what my manager is asking for?  If yes, what are the options the SA should use?0
> 2.  Is there a better way to retrieve this information without using database auditing?
> Any assistance you can provide will be greatly appreciated.
> Sandy B.

Received on Sat Aug 12 2017 - 10:09:51 CEST

Original text of this message