What version of Oracle? Oracle 10gR2 can log to syslog.
--
Ron Reidy
Lead DBA
Array BioPharma, Inc.
-----Original Message-----
From: oracle-l-bounce_at_freelists.org on behalf of Stefan Knecht
Sent: Thu 8/3/2006 3:46 AM
To: oracle-l
Subject: audit_sys_operations and audit_file_dest > syslog facility
Hello folks
a client wants to tighten their auditing setup, and they need to log all
events in central syslog server. This is no problem using the regular oracle
database auditing.
However, applying the same to auditing policy for SYS seems not so trivial.
As Oracle provides no means of setting audit_sys_operations=syslog or the
like, but merely writing it into files
located in audit_file_dest, I need some mechanism to re-route these messages
to the syslog service so they can be forwarded to the core syslog server.
This poses several issues:
- The OS is AIX, Filesystem is UFS - and I'm unaware of any
filesystem-triggers that could handle such a job using OS supported
functionality
- Running a background process that constantly monitors the directory -
could easily be killed
- Protecting it via a cronjob still leaves a window open where the files can
be tampered with
- And it all seems like a hack, not like an elegant solution
Has anybody got any experience with these kinda situations ?
Appreciate any kind of feedback
Regards
Stefan
This electronic message transmission is a PRIVATE communication which contains
information which may be confidential or privileged. The information is intended
to be for the use of the individual or entity named above. If you are not the
intended recipient, please be aware that any disclosure, copying, distribution
or use of the contents of this information is prohibited. Please notify the
sender of the delivery error by replying to this message, or notify us by
telephone (877-633-2436, ext. 0), and then delete it from your system.
--
http://www.freelists.org/webpage/oracle-l
Received on Thu Aug 03 2006 - 09:24:29 CDT
