Why Learn About FGA?
There are many reasons why FGA is a very helpful tool for DBAs. We’ll take a quick look at these reasons here and employ them throughout the chapter.
- Enhance security
Security is, of course, the primary purpose of FGA. The ability to record the activities of users against the database is an important security characteristic, and FGA is the best way to record information about these activities. (In certain cases, it is the only way, as traditional auditing does not capture such information as the exact query issued by a user.)
- Analyze SQL execution
FGA reveals who did what. Seeing the actual SQL statements issued by users provides a great tool for DBAs to see different types of statements issued from the applications from specific users and at certain times. Such information is helpful in deciding on indexing schemes or analyzing frequencies. It’s even more useful in Decision Support Systems where queries are generally ad hoc in nature and can’t be predicted in advance. Because it also shows other relevant information, such as timestamp and originating terminal, and because all of the information is in a table, problem diagnosis and access analysis become very easy.
- Optimize performance when bind variables are used
FGA audit trails also show bind-variable values, which are used widely in any well-designed application. How do you know what different values are passed during the application run? This information can help you decide more quickly and easily whether ...