Home -> Mailing Lists -> Oracle-L -> RE: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)

RE: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)

From: <Christopher.Taylor2_at_parallon.net>
Date: Tue, 12 Mar 2013 09:34:44 -0500
Message-ID: <F05D8DF1FB25F44085DB74CB916678E88582FD792B_at_NADCWPMSGCMS10.hca.corpad.net> 





#1 = potentially - I'll check it - this may be what I was looking for to figure out why they're showing up.



#2 = we don't seem to be auditing SELECTS whenever SUCCESSFUL



Thanks!


Chris




-----Original Message-----



From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Don Granaman
Sent: Tuesday, March 12, 2013 9:29 AM


To: Taylor Christopher - Nashville; oracle-l_at_freelists.org
Subject: RE: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)



Are the unsuccessful selects being audited are being audited via "audit not exists"?  Are successful selects from users without the SELECT ANY TABLE privilege also audited?



Don Granaman | Ph: 402-361-3073 | Cell: 402-960-6955  | Solutionary - Relevant | Intelligent | Security



-----Original Message-----



From: Christopher.Taylor2_at_parallon.net [mailto:Christopher.Taylor2_at_parallon.net] 
Sent: Monday, March 11, 2013 12:32 PM


To: Don Granaman; oracle-l_at_freelists.org
Subject: RE: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)



It's strange - I'm getting audit records for unsuccessful SELECTS and its from users that do not have SELECT ANY TABLE nor is there auditing turned on at the object layer.



I wonder what AUDIT is enabling the SELECT auditing in that case - any ideas?



Chris



-----Original Message-----



From: Don Granaman [mailto:DonGranaman_at_solutionary.com] 
Sent: Monday, March 11, 2013 12:21 PM


To: Taylor Christopher - Nashville; oracle-l_at_freelists.org
Subject: RE: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)



Actually, almost all privilege and statement auditing shows up in both views.  (I have no idea why though.)  The only auditing initiated by "audit select any table" is auditing the use of the 'SELECT ANY TABLE" system privilege.  It does NOT mean that selects are being audited against all tables, even for users without this system privilege.



Don Granaman | Ph: 402-361-3073 | Cell: 402-960-6955  | Solutionary - Relevant | Intelligent | Security


--



http://www.freelists.org/webpage/oracle-l




--



http://www.freelists.org/webpage/oracle-l
Received on Tue Mar 12 2013 - 15:34:44 CET












Original text of this message