Re: How to log attempts to connect as a locked user account
- From: Pete Finnigan <pete@xxxxxxxxxxxxxxxx>
- To: chet.justice@xxxxxxxxx
- Date: Tue, 04 Aug 2009 15:05:45 +0100
Hi Chet,
The problem is "it depends" on lots of things, application purpose, use,
risk strategy, whether real time or near real time alerts are
necessary. At the end of the day its down to risk and if you can manage
an email connection to the database then fine but you should be aware of
the risk (the royal "you" here not you personally, Chet!)
cheers
Pete
chet justice wrote:
> Good point Pete.
>
> How would you handle application alerts (via PL/SQL)? (perhaps that's
> another thread altogether actually).
>
> I found the links to Arup's entries on mining the listener logs:
>
> http://www.dbazine.com/oracle/or-articles/nanda14
>
> http://www.dbazine.com/oracle/or-articles/nanda15
>
> http://www.dbazine.com/oracle/or-articles/nanda16
>
> On Tue, Aug 4, 2009 at 7:35 AM, Pete Finnigan <pete@xxxxxxxxxxxxxxxx> wrote:
>
>> Hi Martin,
>>
>> There is no concept of retention time in the Oracle built in audit
>> trail; it is up to you to do everything such as purge, archive, manage,
>> report....
>>
>> I did a short paper on Oracle core audit for Security focus about 6
>> years ago but its still relevant. You can find a link in my white papers
>> page http://www.petefinnigan.com/orasec.htm
>>
>> Kind regards
>>
>> pete
>>
>> Martin Klier wrote:
>>> Thanks Pete, for your reply.
>>>
>>> Pete Finnigan schrieb:
>>>> Just to add there is a session view already built into the database
>>>> SYS.DBA_AUDIT_SESSION that limits AUD$ to just session audit logs.
>>> How can I configure the retention time of the audit log results? Is
>>> there a link/paper somewhere, or could you explain this in a few words,
>>> please?
>>>
>>> Thanks
>>> Martin
>> --
>>
>> Pete Finnigan
>> Director
>> PeteFinnigan.com Limited
>>
>> Specialists in database security.
>>
>> If you need help to audit or secure an Oracle database, please ask for
>> details of our courses and consulting services
>>
>> Phone: +44 (0)1904 791188
>> Fax : +44 (0)1904 791188
>> Mob : +44 (0)7742 114223
>> email: pete@xxxxxxxxxxxxxxxx
>> site : http://www.petefinnigan.com
>>
>> Registered Office: 9 Beech Grove, Acomb, York, YO26 5LD, United Kingdom
>> Company No : 4664901
>> VAT No. : 940 6681 14
>>
>> Please note that this email communication is intended only for the
>> addressee and may contain confidential or privileged information. The
>> contents of this email may be circulated internally within your
>> organisation only and may not be communicated to third parties without
>> the prior written permission of PeteFinnigan.com Limited. This email is
>> not intended nor should it be taken to create any legal relations,
>> contractual or otherwise.
>>
>> --
>> //www.freelists.org/webpage/oracle-l
>>
>>
>>
>
>
--
Pete Finnigan
Director
PeteFinnigan.com Limited
Specialists in database security.
If you need help to audit or secure an Oracle database, please ask for
details of our courses and consulting services
Phone: +44 (0)1904 791188
Fax : +44 (0)1904 791188
Mob : +44 (0)7742 114223
email: pete@xxxxxxxxxxxxxxxx
site : http://www.petefinnigan.com
Registered Office: 9 Beech Grove, Acomb, York, YO26 5LD, United Kingdom
Company No : 4664901
VAT No. : 940 6681 14
Please note that this email communication is intended only for the
addressee and may contain confidential or privileged information. The
contents of this email may be circulated internally within your
organisation only and may not be communicated to third parties without
the prior written permission of PeteFinnigan.com Limited. This email is
not intended nor should it be taken to create any legal relations,
contractual or otherwise.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
