Re: How to log attempts to connect as a locked user account
- From: Bradd Piontek <piontekdd@xxxxxxxxx>
- To: Akhmadeev@xxxxxxxxxxxxxx
- Date: Fri, 31 Jul 2009 09:49:09 -0500
I was going to suggest the same thing. Make sure AUDIT_TRAIL is set to
something other than NONE (DB is good). This requires an instance restart.
I'd show my 11g example with a locked account, but for some reason my
buffers aren't working between my VM and host OS.\
Bradd Piontek
"Next to doing a good job yourself,
the greatest joy is in having someone
else do a first-class job under your
direction."
-- William Feather
On Fri, Jul 31, 2009 at 9:44 AM, Timur Akhmadeev
<Akhmadeev@xxxxxxxxxxxxxx>wrote:
> SQL> audit session whenever not successful;
>
>
>
> Audit succeeded.
>
>
>
> SQL> conn asdf/asdf
>
> ERROR:
>
> ORA-01017: invalid username/password; logon denied
>
>
>
> SQL> conn / as sysdba
>
> Connected.
>
> SQL> select * from (select username, action_name, returncode from
> dba_audit_trail
>
> 2 order by timestamp desc) where rownum <= 1;
>
>
>
> USERNAME ACTION_NAME RETURNCODE
>
> ------------------------------ ---------------------------- ----------
>
> ASDF LOGON 1017
>
>
>
> Thanks,
>
> Timur Akhmadeev
>
>
>
> -----Original Message-----
> From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx]
> On Behalf Of Martin Klier
> Sent: Friday, July 31, 2009 17:53
> To: 'oracle-l@xxxxxxxxxxxxx'
> Subject: How to log attempts to connect as a locked user account
>
>
>
> Dear list,
>
>
>
> I want to design poor man's auditing for one single case: My user
>
> accounts are locked, and I want to log the connection attempts. But
>
> since there is no BEFORE LOGON ON DATABASE trigger (for rather obvious
>
> reasons).
>
>
>
> (Background info: Decommissioning of a test database: I want to find
>
> ancient jobs or autistic developers that don't complain, before dropping
>
> the storage there.)
>
>
>
> Is there any best practice for this? I'm using 9i, 10g and 11g.
>
>
>
> Thanks for any response
>
> Martin Klier
>
> --
>
> Usn's IT Blog for Linux, Oracle, Asterisk
>
> http://www.usn-it.de
>
>
>
> --
>
> http://www.freelists.org/webpage/oracle-l
>
>
>
>
>
>
> ------------------------------
> The information transmitted herein is intended only for the person or
> entity to which it is addressed and may contain confidential, proprietary
> and/or privileged material. Any review, retransmission, dissemination or
> other use of, or taking of any action in reliance upon, this information by
> persons or entities other than the intended recipient is prohibited. If you
> received this in error, please contact the sender and delete the material
> from any computer.
>
>
Other related posts: