Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Analyzing audit trail written to UNIX files

Analyzing audit trail written to UNIX files

From: <dbaplusplus_at_hotmail.com>
Date: 25 May 2006 05:24:36 -0700
Message-ID: <1148559876.110849.313860@g10g2000cwb.googlegroups.com> 





I am using Oracle 9.2.0.5 on HP UNIX 11i



My security department insists on writing  Oracle audit trail to  UNIX
files instead of database tables (sys.aud$), but it makes it quite
difficult to analyze audit trail data.



I was thinking of mapping Oracle UNIX Files to a external Oracle table,
but it appears that is quite difficult to do the way Oracle is writing
to audit trail on files.



Wed May 24 17:40:52 2006


SESSIONID: "142" ENTRYID: "1" STATEMENT: "1" USERID: "SYSTEM" TERMINAL:



"ttypc" ACTION: "100" RETURN



CODE: "0" COMMENT$TEXT: "Authenticated by: DATABASE" OS$USERID:


"oracle"



PRIV$USED: 5


Wed May 24 17:41:30 2006


SESSIONID: "142" ENTRYID: "2" STATEMENT: "7" USERID: "SYSTEM" TERMINAL:



"ttypc" ACTION: "43" RETURNC



ODE: "0" OBJ$NAME: "HRDB" OS$USERID: "oracle" PRIV$USED: 22



Wed May 24 18:02:22 2006


SESSIONID: "142" ENTRYID: "1" ACTION: "101" RETURNCODE: "0"

LOGOFF$PREAD: "0" LOGOFF$LREAD: "28" LOG

OFF$LWRITE: "10" LOGOFF$DEAD: "0" SESSIONCPU: "3"



Are there some scripts available to analyze audit trail written to
files.




Thanks.
Received on Thu May 25 2006 - 07:24:36 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US