| Auditing the Database [message #224177] |
Tue, 13 March 2007 06:22  |
sellafrica
Messages: 68
Registered: July 2005
Location: Braynston
|
Member |
|
|
Good Day.
I have been asked to start auditing on the database and i have not done this before can you please assist,at the moment auditing is disabled.I want to implement these in an Oracle 8i database and 10gR1 database,your assistance will be greatly appreciated.
The AUDIT_TRAIL value should be set to "OS" in the V$PARAMETER table.
All changes to tables by users with the DBA_ROLE should be audited by reviewing the setting of the SQL statements AUDIT INSERT TABLE, DELETE TABLE, UPDATE TABLE BY DBA in the DBA_STMT_AUDIT_OPS table
Auditing should be enabled for all sensitive objects such as ALTER, AUDIT, INSERT, DELETE, GRANT, and LOCK
Auditing should be enabled for all sensitive SQL statements such as DROP TABLE, CREATE TABLE, SELECT TABLE
Privileged auditing should be set for all privileged activities that are used in the database.
Unsuccessful login attempts should be monitored by reviewing the DBA_AUDIT_SESSIONS table by someone other than the database administrator, and appropriate personnel should be notified of any unauthorised activities
Inactive accounts should be monitored and removed by logging and reviewing last log in date of users through enabling login of AUDIT SESSIONS in the DBA_AUDIT_SESSIONS table
Audit logs should be protected from access by privileged users of the DBA group by locating the audit trail in an operating system file.
|
|
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
