RE: setting of audit_trail initialization parameter
- From: Don Granaman <DonGranaman@xxxxxxxxxxxxxxx>
- To: "JBECKSTROM@xxxxxxxxx" <JBECKSTROM@xxxxxxxxx>, oracle-l-freelist <oracle-l@xxxxxxxxxxxxx>
- Date: Tue, 21 May 2013 13:29:17 -0500
Each has significant advantages and disadvantages. I have worked extensively
with all of them since 8i (or whenever they became available) as we have some
clients that insist on one or another. A few highlights...
OS: Contains the least information, rather more difficult to parse and report
on, easy to secure with syslog, possible to secure otherwise (group ownership
of AUDIT_FILE_DEST is not the OSDBA group and DBAs do not routinely log in as
the software owner), least performance impact, etc.
DB: More complete information, easy to report on and "parse", most difficult to
secure the audit trail, highest performance penalty, ...
XML: More complete information, same security issues as OS files, many serious
and sometimes crippling bugs (in 10g especially it is nearly unusable),
performance impact similar to but slightly larger than with OS files, ...
OS+syslog is preferred in many situations- primarily since it has inherent
protection for the audit trail.
Don Granaman | Ph: 402-361-3073 | Cell: 402-960-6955 | Solutionary - Relevant
| Intelligent | Security
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeffrey Beckstrom
Sent: Tuesday, May 21, 2013 8:09 AM
To: oracle-l-freelist
Subject: setting of audit_trail initialization parameter
I know what the docs say but what do people really set this to; DB, OS or XML
and why?
Jeffrey Beckstrom
Database Administrator
Greater Cleveland Regional Transit Authority Information Systems
1240 W. 6th Street
Cleveland, Ohio 44113
TXT:SEG
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
Other related posts:
