Ddl trigger to track permission change in database

Similar Messages

• Keeping track of changes in Database

  Hi ,
  I need to keep track to the changes in tables (New Inserts , Updates , Deletions) and Procedure / Package source changes that are done , The trace is required on OSUSER
  <br><br>
  Kindly guide if there is a way to do this .
  <br><br>
  Many thanks.
  <br><br>
  Ashish Roy.

  Hi,
  You can enable auditing for tarcking any changes in database.
  http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/cfgaudit.htm
  regards
  Jafar
  http://www.oracledbarea.blogspot.com

• DDL trigger to Capture the DDL changes on one database and applies to child level databases in same server.

  Hi friends,
          I need to create one DDL trigger to Capture the all DDL modification on parent database and applies those changes to the underlying (child) databases  in my project.
          Can anyone help me out in this,how to track the changes and applies to the child level databases?
  Thanks in Advance.

  Use Visual Studio Data Tools or
  Red Gate Compare.

• How to identify or track the latest changes in database objects

  Hi,
  I am working in an application which has Oracle 10 g for backend.
  the application in total has around 30 tables and around 25 packages. I want to track the latest changes made in database. The database is accessible to my team of 20 members and i want to keep track what all changes in database(tables ,packages) are being made by them.Which package or table is being affected?
  Can yanyone please suggest how to track the same?

  To track table changes see following discussion: Re: How to find Last modified/updated time of a particular table

• How to Track the changes made to the custom table field value

  I want to track the changes made to the custom table field value in table maintenance generator.please help me it is very urgent
  Thanks & Regards,
  Kranti

  Hi Satya,
  These are the steps you've to do.
  1. Enable the change document flag in the data element level for the fields of the tables you want to monitor.
  2. Go to transaction SCDO. Create a new change object, and add your table to this object. After generation, you'll get a function module.
  3. Call this function module in the table maintainence generator screen, after the data is saved to the database table. This function module automaticallly writes the changes, with the old and new values, and the fields that were changed to the tables CDHDR and CDPOS.
  4. You can keep track of the changes made to the table by monitoring these tables.
  Regards
  Anil Madhavan

• How to track the changes at report level

  Dear Team ,
  Could you please help on below scenario.
  1.Is there any way to track the changes for each report wise ? Does it possible using the audit database?
  2. how to get list for report names by each folder wise( public folders) ?
  Thanks & Regards
  Venkat

  Hi Venkat,
  1.In Webi we have a option called Track click that option to enable you to  track the changes in your report and also in Tracking option you can change the color as you preferred.
  2.Once report is ready to export click (Ctrl+E) and click Public folder then select New folder option available in right corner and create new Folder and export your report.
  Thanks
  Vignesh R

• How to get "Synchronize with database" to compare/generate changes for database 'contexts'?

  Hi
  Using SDDM 3.3.
  How does one get to synchronise changes/differences in 'contexts' (defined in physical model - Oracle DB)?
  I have tried to synchronize both ways, i.e. model to db and db to model, but never does it show the DDL necessary to create the missing context.
  Yes, Context is selected/ticked under preferences for Oracle DB synchronization preferences.
  Thank you & Regards

  Hi Philip
  If I use the "generate DDL" option from the toolbar, it does generate DDL for the context I have in the physical model.  I can select/deselect them in the DDL Generation Options window.
  Why then would it not generate DDL when comparing the model with the database, i.e. using the "synchronise data dictionary to model" option?  It successfully generates a 'patch'/change script for tables, views, packages, etc.?
  Thank you & Regards
  PS.  I am asking for a way to get it to generate me a complete 'patch'/change script.

• Getting all_tab_columns.data_default in a ddl trigger

  Under 10.1.0.3 I'm working on an AFTER CREATE or ALTER on DATABASE system trigger, and I'm querying all_tab_columns in the trigger body. It seems that if the trigger fires in response to DDL that modifies a column's default value, then all_tab_columns.data_default is giving me the column's old default. I want to get the current default value. If I create the table or add a column, then, in the resulting fire of the system trigger, all_tab_columns.data_default seems to be correct.
  Is this documented behavior? Should I be looking somewhere (or somewhen) else for the column default?

  Thanks.
  I tried working around this by putting my code into a procedure, and then using the DDL trigger to create a job that runs the code. My idea was to defer the all_tab_columns query until after the DDL trigger was done, and thus get a clean look at the data dictionary.
  I put what looks like the appropriate dbms_scheduler calls into the trigger, but when I then execute DDL to fire the trigger I get "ORA-04092: cannot in a trigger"
  The doc for this error number says that I am trying to commit or rollback in a trigger, but I'm not explicitly doing that. Also, the error message is supposed to have either the word "commit" or the word "rollback" in the message to tell me what I am doing. Instead, though, the error message just has a space there.
  Maybe I'll start a TAR and see if 10.1.0.3 can get appended to the growing list of versions tied to this bug.

• Track the changes to the batch jobs in the PRD system.

  Hello Basis Guru's,
  Need your help in a Query. --> Is there any best practice that can be implemented to trace all the changes done to batch jobs in the past 3 months and going forward. Be it in its scheduling or its variant changes etc, i would like to track the changes to the batch jobs in the PRD system.
  Any pointers would be really helpful.
  Thanks in advance.
  Rgds,
  Sri

  Hello Raghu,
  Third party tools can only help you but not SAP. . A lot of us may think that for example if a Job 'X' runs daily then SAP considers this job as a single object.However actually SAP will treat each run of a job seperately infact as seperate jobs. If you would have noticed each job in SAP has a job id which is unique. So actually each run is unique. Now change logs can exist for only those objects that get changed. But change logs can not exist for objects that are newly created everytime !!
  If you would have noticed you can two jobs with the name A but running two different reports/variants whatver. This is because job name is not that important it is the job id.
  Every time a job runs a new entry gets stored in TBTCO,TBTCP etc.. tables. It is not that the existing entires are updated.However yes when a job is scheduled periodically there is some kind of a link that is created in the job series but it does not showo up in any of the tables!!
  As far as 3rd party tool is concerned I can name a tool like UC4. UC4 has its own database in which the job name will always be unique. For that you can easily find change logs. I think Chronicle (Redwood Scheduler) also supports this.
  Regards.
  Ruchit.

• Track user changes in customized transparent table

  Greetings..
  How do i to track user changes in my table ? is there any master table that keep track changes made by user on the specific field.? Is there possible if the table have the original and changed data.

  i got the below explanation from other thread, which has explained by an expert, so, take it as reference and interprete according to ur req.
  BEGIN
  Table Events:
  Go to SE11 and open your Ztable
  click on the Table maintenance generator.
  you can find the function group. right
  Take the Function group name and go to Tcode SE37
  and open the Function Group.
  In the Status of the small window of the Function
  group display
  you can find out change requests , Main program and
  Function group Docu tabs.
  Click on Main program and create user defined Include.
  check the sample code below
  Click on main program
  Create user defined include
  User-defined Include-files (if necessary). *
  INCLUDE LZPHIRF... " Subprograms
  INCLUDE LZPHIRO... " PBO-Modules
  INCLUDE LZPHIRI... " PAI-Modules
  Create the below include.
  INCLUDE LZPHIRI01. " PAI-Modules
  Double click on the Include name. you have the below
  code
  Loop at Extract.
  module liste_init_workarea.
  chain.
  field fild1
  field fild2
  field fild n
  module set_update_flag on chain_request.
  You have to add a new module here
  check the below code
  *----User defind module
  Module user_defind_validation.
  endchain.
  Double click on module write code in that.
  Include <Include Name> *
  *& Module user_defind_validation
  Module user_defind_validation.
  Here you can write your own validations.
  field2 = field1 /2.
  field4 = field1 /4.
  if field4 field3.
  message.
  endif.
  EndModule. "user_defind_validation
  Events allow you to change the generated table
  maintenance dialog at predefined positions, which
  cannot be reached by user modules in the screen flow
  logic.
  The user routines are called dynamically at runtime.
  For this reason, the routines must be in a user include
  in the table/view maintenance dialog function group.
  All extended table maintenance global data is available.
  An interface is only required for events 22 and AF.
  The events can be additions or replacements.
  Additional events
  Event 01 before saving the data in the database
  This event occurs before new, changed or deleted
  entries are written to the database
  FORM abc.
  DATA: F_INDEX LIKE SY-TABIX. "Index to note the
  lines found
  LOOP AT TOTAL.
  IF <ACTION> = desired constant.
  READ TABLE EXTRACT WITH KEY <vim_xtotal_key>.
  IF SY-SUBRC EQ 0.
  F_INDEX = SY-TABIX.
  ELSE.
  CLEAR F_INDX.
  ENDIF.
  (make desired changes to the line TOTAL)
  MODIFY TOTAL.
  CHECK F_INDX GT 0.
  EXTRACT = TOTAL.
  MODIFY EXTRACT INDEX F_INDX.
  ENDIF.
  ENDLOOP.
  SY-SUBRC = 0.
  ENDFORM.
  END
  thanq

• Track Admin changes in CallManager

  Can you track admin changes done in CallManager? if possible where you go to look?

  If you enable Cisco Multilevel Admin Access (MLA), you should be able to track this.
  Excerpts from the MLA System guide
  http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/4_1/sys_ad/4_1_3/ccmsys/a02mla.htm
  Multilevel administration access generates a log with a record of login attempts. The log includes the user name, group name, date, time, and success or failure status of the login session.
  The log also contains a file report of access/change attempts. That is, multilevel administration access generates a record of attempts to access or modify any directory or database component through the Cisco CallManager system administration. The change record includes the user name, date, time, menu accessed, web page from which the change was made, and the success or failure status of the update.
  Regards,
  Anup

• DDL-trigger can't use select on table affected by DLL-statement?

  Hi all,
  my situation
  I have a DDL-trigger that gets executed after every alter-statement. The trigger reads some information from the table CHNGHIS_TAB. The trigger works fine for all the tables except for CHNGHIS_TAB. When I try to add a column to this table, I get the following error (translated from german, I don't know, if the message is exactly the same in english):
  SQL> alter table chnghis_tab add (test varchar2(254));
  alter table chnghis_tab add (test varchar2(254))
  ERROR in Row 1:
  ORA-00604: error occurred at recursive SQL level 1
  ORA-06550: Row 12, Column 45:
  PL/SQL: ORA-00600: internal error code, arguments: [12830], [NTSDEV6],
  [CHNGHIS_TAB], [], [], [], [], []
  ORA-06550: Row 12, Column 5:
  PL/SQL: SQL Statement ignoredmy trigger
  create or replace trigger chnghis_ddl_trigger after alter on schema
  declare
      counter number := 0;
      tablename varchar2(30) := dictionary_obj_name;
  begin
      /* leave if the altered table is CHNGHIS_TAB */
      if upper(tablename) like 'CHNGHIS_TAB' then
          return;
      end if;
      /* look if the changed object is a table that should be logged*/
      select count(tabname) into counter from chnghis_tab where upper(tabname) = tablename;
      if counter = 0 then
          return;
      end if;
      /* call the procedure to generate the logging trigger */
      generateLogTrigger(tablename);
  end;Thanks for your help =)

  It looks like you are getting an ORA-00600 error. You should contact Oracle support.

• DBMS_JOBS fails inside a DDL trigger when granting permissions to roles

  Hi,
  I have a DDL Trigger through which I am granting SELECT on newly created tables to existing read-only roles
  CREATE OR REPLACE TRIGGER DBADMIN.grant_permission_trigger
  AFTER CREATE
  ON DATABASE
  DECLARE
  v_owner dba_tables.owner%TYPE;
  v_role dba_roles.role%TYPE;
  v_object dba_tables.table_name%TYPE;
  v_object_type dba_objects.object_type%TYPE;
  n_temp_int INTEGER DEFAULT 0 ;
  l_job NUMBER;
  n_temp dba_tables.temporary%TYPE;
  BEGIN
  --selecting owner
  SELECT ora_dict_obj_owner INTO v_owner FROM DUAL;
  v_role := v_owner || '_S';
  --selecting table name
  SELECT ora_dict_obj_name INTO v_object FROM DUAL;
  SELECT ORA_DICT_OBJ_TYPE INTO v_object_type FROM DUAL;
  IF (v_object_type = 'TABLE')
  THEN
  SELECT COUNT (1)
  INTO n_temp_int
  FROM dba_roles
  WHERE role = v_role;
  -- if a role does not exist already, then create a role
  IF n_temp_int != 0
  THEN
  SELECT temporary
  INTO n_temp
  FROM dba_tables
  WHERE table_name = v_object;
  IF (n_temp = 'N')
  THEN
  DBMS_JOB.submit (
  job => l_job,
  what => 'BEGIN EXECUTE IMMEDIATE ''GRANT SELECT ON '
  || v_owner
  || '.'
  || v_object
  || ' TO '
  || v_role
  || '''; END;'
  END IF;
  END IF;
  END IF;
  EXCEPTION
  WHEN NO_DATA_FOUND
  THEN
  NULL;
  END;
  I am executing this trigger as DBADMIN having the following explicit grants
  grant any object privilege
  SELECT ANY DICTIONARY
  The problem happens when someone creates a table in their procedure and drops it off at the end of the procedure, the JOB which is in the queue when it executes, it cannot find the table and the jobs are failing.
  I have given a check to see if its temporary. But still the jobs are failing. I am missing someting
  Can someone let me know what should be done? I have production issues which should be resolved.

  Hi,
  The problem happens when someone creates a table in their procedure and drops it off at the end of the procedure, the JOB which is in the queue when it executes, it cannot find the table and the jobs are failing.Seems more like this is the problem:
  SELECT temporary
  INTO n_temp
  FROM dba_tables
  WHERE table_name = v_object;If that would not throw NO_DATA_FOUND, there would be no need for the dbms_job.
  Seems safe to remove, you are not using n_temp and if it raises no_data_found you are doing nothing.
  Also, these are not necessary
  SELECT ora_dict_obj_owner INTO v_owner FROM DUAL;
  SELECT ora_dict_obj_name INTO v_object FROM DUAL;
  SELECT ORA_DICT_OBJ_TYPE INTO v_object_type FROM DUAL;You can use System Events in PL/SQL
  Why this comment?
  -- if a role does not exist already, then create a roleYou aren't trying to create a role.
  Regards
  Peter

• Tracking signature changes and bug id

  Is there a way to search the past “Cisco IDS Active Update Bulletin” for the Modification made to Signatures.
  For example if there have been changes made to a particular signature and you would like to track those changes you may need the bug id.
  Is there a way to search for the signature changes and the bug id given that you know that there have been changes made to the signature?

  Signature changes and associated bug IDs are reported in each signature update readme file. You should be able to build an archive of the readme's and search it. I do not know of searchable database that you can derive that information from otherwise.
  Scott

• Tracking ACL changes

  Hi
  I have requirement to track ACL changes for a specific folder in KM.  I need to keep a track of ACL changes happening and create report out of this.
  I thought of repository services. But I could not see any events related to ACL/Permission changes.
  Is there any way to capture ACL change events.
  Regards,
  Yoga

  Closing thread