We need to produce a "log" of sql statements--along with the user, IP (or
host) they are coming from, and the sql statement--for another team to
analyze. My manager does not want to user auditing because of the
uncertainty of the load on this critical database. He suggested doing a
SPAM port capture. I opened a ticket with our SAs and they wanted to know
what ports. I gave them the listener ports. The SA ran a tcpdump (said it
was verbose), but it didn't give any information on users, app servers, or
sql statements. I really don't know what I'm doing here, just passing
information between my manager and SAs. So, questions:
1. Will tcpdump give me what my manager is asking for? If yes, what are
the options the SA should use?0
2. Is there a better way to retrieve this information without using
database auditing?
Any assistance you can provide will be greatly appreciated.
--
Sandy B.