Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: SYSDBA audit

Re: SYSDBA audit

From: <wfholmes_at_yahoo.com>
Date: 15 Feb 2005 05:23:08 -0800
Message-ID: <1108473788.410731.320150@c13g2000cwb.googlegroups.com> 





Follow up from my previous post ...


>From the O'reilly web site:



Luckily, there is a Perl module written by Jesse Dougherty (updated by
Martin Pauley and Bret Giddings) that allows easy access to the Event
Log API calls.[2] Here's a simple program that just dumps a listing of
events in the System event log in a syslog-like format. We'll walk
through a more complex version of this program later in this chapter.



use Win32::EventLog;


# each event has a type, this is a translation of the common types

%type = (1  => "ERROR",
         2  => "WARNING",
         4  => "INFORMATION",
         8  => "AUDIT_SUCCESS",
         16 => "AUDIT_FAILURE");





# if this is set, we also retrieve the full text of every
# message on each Read(  )


$Win32::EventLog::GetMessageText = 1;



# open the System event log


$log = new Win32::EventLog("System")


  or die "Unable to open system log:$^E\n";



# read through it one record at a time, starting with the first entry
while ($log->Read((EVENTLOG_SEQUENTIAL_READ|EVENTLOG_FORWARDS_READ),


             1,$entry)){


    print scalar localtime($entry->{TimeGenerated})." ";
    print $entry->{Computer}."[".($entry->{EventID} &


          0xffff)."] ";


    print $entry->{Source}.":".$type{$entry->{EventType}};
    print $entry->{Message};


}



Command-line utilities like last that dump event logs into plain ASCII
format also exist for NT/2000.
Received on Tue Feb 15 2005 - 07:23:08 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US