| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Auditing: Trigger or Audit_Trail?
On Mon, 1 Mar 2004 23:17:27 +0000, in comp.databases.oracle.server,
Pete Finnigan <plsql_at_petefinnigan.com> scribbled:
>Hi,
>
>You might find useful my paper "An introduction to simple Oracle
>auditing" from http://www.petefinnigan.com/orasec.htm - it shows how to
>turn on audit, review what's turned on and includes some sample queries
>to check for abuse. With what you are doing i would go for kernel
>features and the basic audit commands rather than triggers. Its better
>resource wise. Also should you want to go to more detail you could
>consider fine grained audit as its performs better than triggers.
I started working through the examples and realized that I had done them a month ago when I started researching doing this. Good stuff! But I found that I wanted less auditing and on different things, so went looking for other ideas, not realizing you had more there I could look at. I did learn a LOT from that page.
I'm reading through (and working examples) your Row Level Security (http://www.securityfocus.com/infocus/1743) and have found one thing that did not work for me:
SQL> begin
2 dbms_rls.add_policy( 3 object_schema => 'VPD', 4 object_name => 'TRANSACTIONS', 5 policy_name => 'VPD_TEST_POLICY', 6 function_schema => 'VPD', 7 policy_function => 'VPD_POLICY.VPD_PREDICATE', 8 statement_types => 'select, insert, update, delete', 9 update_check => TRUE, 10 enable => TRUE, 11 static_policy => FALSE);12 end;
Thanks for providing this: "The package prototype can be found in $ORACLE_HOME/rdbms/admin/dbmsrlsa.sql where details of the API calls can be seen." I found the file and found that mine has one less parameter than yours, mine does not have the final parameter. I am leaving this out for my work on your examples, but I don't know how this will affect them or what I would like to eventually do. Maybe my using 8.1.5 is the difference? Oh, and I can't use that final '/' mark you guys use at the end of your code sections, I get compile errors when I do. Any idea why?
I really like these examples, this is one other thing I wanted to do with the database. Thank you so much for putting it out there! I have a LOT of reading to do!
-- Teresa Redmond Programmer/Analyst III Anteon Corporation tredmond at anteon dot comReceived on Tue Mar 02 2004 - 11:34:36 CST
 |
 |