RE: SQL audit

• From: Job Miller <jobmiller@xxxxxxxxx>
• To: William Muriithi <william.muriithi@xxxxxxxxxxxxxxxxxxx>, "'kjped1313@xxxxxxxxx'" <kjped1313@xxxxxxxxx>, "'rtylka@xxxxxxxxx'" <rtylka@xxxxxxxxx>, "'jkstill@xxxxxxxxx'" <jkstill@xxxxxxxxx>, John.Hallas@xxxxxxxxxxxxxxxxxx
• Date: Tue, 22 Dec 2009 12:22:01 -0800 (PST)

On the original question of auditing SQL, I have heard of environments  that 
use a simple FGA policy on all application data tables that checks the user and 
potentially other attributes of the session context and audits all 
access/insert/update/delete of application data in those tables from db 
accounts  other than the apps user using the application on the app server 
machines.

as someone indicated, various aspects of that can be spoofed, BUT, it doesn't 
take a lot of coding to create an FGA policy that audits app access for 
insert/update/delete from accounts other than the apps user and captures the 
SQL, host, client, etc of where the connection came from.

check the docs/google for examples of Fine Grained Auditing.




      
--
//www.freelists.org/webpage/oracle-l

• References:
  • RE: SQL audit
    • From: John Hallas

Other related posts:

• » SQL audit- Rich Tylka
• » Re: SQL audit- Sharon . Kovac
• » Re: SQL audit- Jared Still
• » RE: SQL audit- Mark W. Farnham
• » Re: SQL audit- Kellyn Pedersen
• » RE: SQL audit- John Hallas
• » RE: SQL audit- Powell, Mark
• » Re: SQL audit- Jared Still
• » Re: SQL audit- William Muriithi
• » Re: SQL audit- Kellyn Pedersen
• » RE: SQL audit- John Hallas
• » Re: SQL audit- Rich Tylka
• » RE: SQL audit - Job Miller
• » Re: SQL audit- Yong Huang
• » Re: SQL audit- Dennis Yurichev
• » Re: SQL audit- Kellyn Pedersen

1. Home
2. oracle-l
3. Archive
4. 12-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---