| logging DDL statements, etc? [message #64957] |
Thu, 18 March 2004 00:23  |
Akira Kenshin
Messages: 1
Registered: March 2004
|
Junior Member |
|
|
i just came up with this hypothetical situation (it may, or may not happen in real life). and if it does, i would like how to solve it:
imagine that a table has been deleted (say maliciously by a certain user)...
is there a way (an sql srcipt or something) that i can use to find out when, what DDL statement was used, probably user name, ip address (most imporatnt!), etc.?
oracle just has too many dictionary/views, that im at a lost on how to make sense of the information to get what i need.
thanks in avanced.
|
|
|
|
|
|
| Re: logging DDL statements, etc? [message #64962 is a reply to message #64957] |
Thu, 18 March 2004 04:21  |
Frank Naude
Messages: 4581
Registered: April 1998
|
Senior Member |
|
|
Hi,
You can write a database or schema level trigger to fire ON DROP and log all the required info (with IP Address) to a separate table.
The scripts section of this site contains some database level trigger examples.
Best regards.
Frank
|
|
|
|
| Re: logging DDL statements, etc? [message #64967 is a reply to message #64957] |
Thu, 18 March 2004 15:36 |
Vijay
Messages: 116
Registered: September 1999
|
Senior Member |
|
|
I am assuming that your database is 8i or above and you can do 2 things to get this information.
1) create a logon trigger for the whole database and log the username,machinename , last sql statement issued, logon and logoff time into a table. I am not sure if you can log the IP address.
2) Use logminer to find out the username, DDL statement issued and time issued. With logminer you can undo the changes too.
Once you find when a statement was issued (for e.g delete from x ) from the logminer, you can cross check with the audit table in step 1 and see who logged in at that time and get the machine name.
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
