Re: Oracle Auditing by User
From: BicycleRepairman <engel.kevin_at_gmail.com>
Date: Sat, 23 Apr 2011 10:20:34 -0700 (PDT)
Message-ID: <8f91d683-0f2f-4294-ae02-4b49a7a742f6_at_u15g2000vby.googlegroups.com>
On Apr 22, 9:36 pm, indytoatl <indyto..._at_gmail.com> wrote:
> I am trying to audit select statements on a column for everyone except
> JohnDoe who works in the HR dept. How do I create the correct
> audit_condition??
>
> BEGIN
> DBMS_FGA.ADD_POLICY(
> object_schema => 'HR'
> ,object_name => 'EMPLOYEES'
> ,policy_name => 'PAYROLL_INFO'
> ,audit_condition => 'DBUser NOT = 'JohnDoe'
> ,audit_column => 'SALARY'
> ,handler_schema => NULL
> ,handler_module => NULL
> ,enable => TRUE
> ,statement_types => 'SELECT'
> ,audit_trail => DBMS_FGA.DB_EXTENDED
> ,audit_column_opts => DBMS_FGA.ANY_COLUMNS
> );
> END;
> /
Date: Sat, 23 Apr 2011 10:20:34 -0700 (PDT)
Message-ID: <8f91d683-0f2f-4294-ae02-4b49a7a742f6_at_u15g2000vby.googlegroups.com>
On Apr 22, 9:36 pm, indytoatl <indyto..._at_gmail.com> wrote:
> I am trying to audit select statements on a column for everyone except
> JohnDoe who works in the HR dept. How do I create the correct
> audit_condition??
>
> BEGIN
> DBMS_FGA.ADD_POLICY(
> object_schema => 'HR'
> ,object_name => 'EMPLOYEES'
> ,policy_name => 'PAYROLL_INFO'
> ,audit_condition => 'DBUser NOT = 'JohnDoe'
> ,audit_column => 'SALARY'
> ,handler_schema => NULL
> ,handler_module => NULL
> ,enable => TRUE
> ,statement_types => 'SELECT'
> ,audit_trail => DBMS_FGA.DB_EXTENDED
> ,audit_column_opts => DBMS_FGA.ANY_COLUMNS
> );
> END;
> /
,audit_condition => 'sys_context(''userenv'',''session_user'') != ''JOHNDOE''' should get you what you want (or substitute any of the other identifiers in the sys_context if needed). Received on Sat Apr 23 2011 - 12:20:34 CDT