RE: Auditing statements

  • From: "Lange, Kevin G" <kevin.lange@xxxxxxxxxx>
  • To: <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 3 Aug 2011 16:45:31 -0500

There is an audit record kept in the audit directory outside the
database for stops and starts (at least in 10.2).  Agree with the rest.
 
________________________________

From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of David Fitzjarrell
Sent: Wednesday, August 03, 2011 4:33 PM
To: pdba1966@xxxxxxxxxxx; oracle-l@xxxxxxxxxxxxx
Subject: Re: Auditing statements


Audit drop user;  -- addresses the schema drop (although it doesn't
specify "unused")
 
I see no way to audit any autonomous transactions outside of
instrumenting the code to populate a table.
 
You'll need to set up audits for all create statements -- there is no
'blanket' audit for creates.  Same for drops and inserts, with the added
criteria of "whenever not successful" to only capture failed inserts.
GRANTs also need to be individually audited (grant table, etc.) but
this also audits REVOKEs.
 
There is no audit on starting/stopping the database because those
operations are recorded in the alert log.
 
If anyone knows any differently I'll be happy to be proven wrong.
 
 
 
David Fitzjarrell
 

From: P D <pdba1966@xxxxxxxxxxx>
To: oracle-l@xxxxxxxxxxxxx
Sent: Wednesday, August 3, 2011 12:28 PM
Subject: Auditing statements


We have been asked by our security division to run these specific
statements on a database for auditing purposes. They don't work.
These are 11.1.0.7 databases on Standard Edition. Are there some
other broad-based generic commands that can be run that will capture the
purpose of what is listed here? If they want it to capture
information from every user in the database, wouldn't we have to also
explicitly state each user name, otherwise all we are really auditing is
actions by the sys user since that is where the command is being run
from?
 
Audit drop unused schemas
Audit trap autonomous transactions
Audit any create statement   
Audit any drop statement
Audit insert failures
Audit grant any object 
Audit database start or stop
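
The per-statement auditing described in the replies above, written out as an added example that is not part of any post in this thread. It assumes standard auditing is already enabled (audit_trail set to DB) and picks a representative set of object types; the list of statement options to audit is an assumption to adjust per site.

```sql
-- Added example, not from the thread. Assumes audit_trail = DB.
-- Check the auditing parameters first (audit_trail is static; changing it needs a restart).
SELECT name, value
  FROM v$parameter
 WHERE name IN ('audit_trail', 'audit_sys_operations');

-- Schema drops: privilege auditing on DROP USER.
AUDIT DROP USER BY ACCESS;

-- Creates and drops: no blanket option, so one statement option per object type.
-- Each option covers both the CREATE and the DROP of that object type.
AUDIT TABLE     BY ACCESS;   -- CREATE / DROP / TRUNCATE TABLE
AUDIT VIEW      BY ACCESS;   -- CREATE / DROP VIEW
AUDIT INDEX     BY ACCESS;   -- CREATE / ALTER / DROP INDEX
AUDIT SEQUENCE  BY ACCESS;   -- CREATE / DROP SEQUENCE
AUDIT SYNONYM   BY ACCESS;   -- CREATE / DROP SYNONYM
AUDIT PROCEDURE BY ACCESS;   -- CREATE / DROP of functions, packages, procedures
AUDIT TRIGGER   BY ACCESS;   -- CREATE / ALTER / DROP TRIGGER
AUDIT USER      BY ACCESS;   -- CREATE / ALTER / DROP USER
AUDIT ROLE      BY ACCESS;   -- CREATE / ALTER / DROP / SET ROLE

-- Failed inserts only.
AUDIT INSERT TABLE BY ACCESS WHENEVER NOT SUCCESSFUL;

-- Grants, audited per type; each option also records the matching REVOKE.
AUDIT SYSTEM GRANT    BY ACCESS;   -- system privileges and roles
AUDIT GRANT TABLE     BY ACCESS;   -- object privileges on tables and views
AUDIT GRANT PROCEDURE BY ACCESS;
AUDIT GRANT SEQUENCE  BY ACCESS;

-- None of the statements above has a BY <user> clause, so they apply to every
-- database user, not only to the account that issued them.
-- Confirm what is now enabled (USER_NAME is NULL for options that apply to all users).
SELECT user_name, audit_option, success, failure
  FROM dba_stmt_audit_opts
 ORDER BY audit_option;

SELECT user_name, privilege, success, failure
  FROM dba_priv_audit_opts
 ORDER BY privilege;

-- Review what has been captured; RETURNCODE <> 0 marks a failed statement.
SELECT username, action_name, owner, obj_name, returncode, timestamp
  FROM dba_audit_trail
 ORDER BY timestamp DESC;
```

New statement and privilege audit options apply to sessions started after the AUDIT command, so test from a fresh connection.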
 
 
 



