|
||
|
Title: Auditing on Oracle DBs Post by Pete Finnigan on Jul 3rd, 2006, 9:27am Any suggestions please re how to achieve useful auditing on Oracle tables? We need to audit who has accessed specific "sensitive" records or data items (columns), when and ideally where from. Oracle's Fine Grain Auditing (FGA) just records the SQL statement, which really isn't much help. Typically we would need to search an audit log using the compromised data item value (i.e. the content of a specific column/row) or at least the row's PK to find who had viewed it when, etc. Thus knowing the executed SQL statement is not really much help. |
||
|
Title: Re: Auditing on Oracle DBs Post by Pete Finnigan on Jul 3rd, 2006, 9:30pm Hi Ian, With FGA you can setup the policy to be as fine grained as necessary to ensure that an audit record is only created when the particular sensitive data is accessed. This should give you an audit record only for the specific data. to give you more details you can add a handler function written by yourself so that yu can capture any data you wish at the same time. You can then link your own log table to FGA_LOG$. Also note that the binds are captured (if any) in FGA_LOG$ hth cheers Pete |
||
|
Powered by YaBB 1 Gold - SP 1.4! Forum software copyright © 2000-2004 Yet another Bulletin Board |