RE: Centralized auditing question

• From: "Elliott, Patrick" <patrick.elliott@xxxxxxxxxxxxx>
• To: "cjnewman@xxxxxxxxxxxxx" <cjnewman@xxxxxxxxxxxxx>, "oracle-l@xxxxxxxxxxxxx" <oracle-l@xxxxxxxxxxxxx>
• Date: Tue, 21 Oct 2008 10:37:02 -0500

I ran into the same problem.  I solved it by logging directly into the remote 
database and pushing the data to the central auditing repository across a 
temporary database link.  The temporary database link is needed because you 
must login as SYS in order to drop any rows from the sys.aud$ table.  If any 
other user issues a "DELETE FROM SYS.AUD$" statement the database ignores it.


Pat

-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Newman, Christopher
Sent: Tuesday, October 21, 2008 10:00 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: Centralized auditing question

Greetings,

I'm trying to come up with a centralized auditing solution and I think I'm 
close.  I've created a centralized DB and table based on dba_audit_trail, and 
including instance_name and host_name.  Running my scripts on the local host 
works, but running them across a db link fails with a 'SQL> @masteraudit.sql 
OBJ_PRIVILEGE, SYS_PRIVILEGE, ADMIN_OPTION, GRANTEE, AUDIT_OPTION, SES_ACTIONS, 
LOGOFF_TIME, LOGOFF_LREAD, LOGOFF_PREAD...

*
ERROR at line 2:
ORA-02070: database  does not support  in this context

Any thoughts?  The target is 10.2.0.2, and I'm inserting into a 10.2.0.4 DB.

- Chris

--
//www.freelists.org/webpage/oracle-l



[CONFIDENTIALITY AND PRIVACY NOTICE]

Information transmitted by this email is proprietary to Medtronic and is 
intended for use only by the individual or entity to which it is addressed, and 
may contain information that is private, privileged, confidential or exempt 
from disclosure under applicable law. If you are not the intended recipient or 
it appears that this mail has been forwarded to you without proper authority, 
you are notified that any use or dissemination of this information in any 
manner is strictly prohibited. In such cases, please delete this mail from your 
records.
 
To view this notice in other languages you can either select the following link 
or manually copy and paste the link into the address bar of a web browser: 
http://emaildisclaimer.medtronic.com
--
//www.freelists.org/webpage/oracle-l

• References:
  • Centralized auditing question
    • From: Newman, Christopher

Other related posts:

• » Centralized auditing question
• » RE: Centralized auditing question

1. Home
2. oracle-l
3. Archive
4. 10-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---