Auditing sys administrative users
By using standard auditing, operations performed against database objects by sys
or users with sysdba
and sysoper
privileges are not audited. Only details about logon including the terminal and the date are audited by mandatory auditing. This recipe will show you how to enable the audit for sys
users.
Getting ready
All steps will be performed on the HACKDB
database.
How to do it...
- In a separate terminal open
/var/log/oracle_audit.log
with thetail –f
command. From a second terminal connect assysdba
and issue a count against thehr.employees
table:SQL> conn / as sysdba Connected. SQL> select count(*) from hr.employees; COUNT(*) ---------- 107
- If you now look at
/var/opt/oracle_audit.log
you will see that nothing ...
Get Oracle 11g Anti-hacker's Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.