Audit users

Similar Messages

• Difference between RFC, SYSTEM and AUDIT users?

  Hi All,
  Can you highlight the main differences between the following users:
  RFC
  SYSTEM
  AUDIT
  how do their functions differenciate them ?
  Thanks in advance,
  Diwakar

  RFC User
  RFC user is basicly used to receive status messages. An RFC user has to be created in all the system clients where messages needs to be recieved. An RFC user can also be used for receiving messages using SMTP plug-in.
  The RFC User is an sap user of type System and that's why no person can logon with this user on SAP System.
  Following is thr procedure to create RFC User, remember the purpose is to recieve messages including status messages as well.
  Creation of RFC User
  Go to  Tools > Administration > User Maintenance > Users.
  Enter a name, for example MAIL_ADMIN.
  Select "New"
  On the Logon data tab page, select the user type System.
  Enter a password.
  On the Profiles tab page, enter the authorization profile S_A.SCON. This profile minimizes the risk of misuse, even if the communication system does not store the password is encoded form.
  Select "Save"
  Both RFC user and a System user are of type System only. Now the difference, depends upon the profile and authorization of the user.
  Audit users are of type dialog, and can be used by a person to logon to system. There might be many roles assigned to this user. My understanding is that an Audit User is not a standard sap type user but just a dialog user and can be created with a conventional method of creating any other dialog users with a specific profile and authorizations.
  Still to confirm, Can you please tell us, how many types of users does it shown in 4.6c at the time of user creation?
  Best Regards,
  Amol Bharti

• Audit users who try to login on the db

  Hi Team,
  The oracle database version is 11g and the OS is solaris sparc 64 bit.
  I am trying to find the users who try to login into the db user "FEED" which are unsuccessful , what is happeing is, the user put a wrong password , the account gets locked. So we need to find the users who are trying to login.
  please suggest a method.
  regards
  KK

  Hi;
  1. If you are looking for core db login issue you can check this search . Similar issue mention here many times before
  2. If your issue is related wiht EBS than pelase see:
  Re: Audit users
  after set
  - Login to "System Administrator" Responsibility
  - Navigate to Profile > System
  - Query "Sign-On:Audit Level"
  - Set "Sign-On:Audit Level" to FORM
  - Click on Save
  - Logoff then Login back
  - Navigate to Security > User > Monitor
  - Ctrl + F11 ?---=refresh
  Also see:
  How do you audit an Oracle Applications' user? [ID 395849.1]
  Auditing: How Do I Audit Responsibilities and Data? [ID 436316.1]
  Monitor Users Screen Displays Many Users Still Logged into Oracle Applications Even After They Have Logged Out [ID 143435.1]
  Regard
  Helios

• How to Audit Users

  How I can audit users? Is there any way. I want to see users activities user has performed.
  -- Amer

  I'm not very sure about the syntax but this is the command
  AUDIT SELECT TABLE BY user_name.
  There can be three type of Audits
  1. Privilege Audit - Audit on a privilege as given in the example above
  AUDIT privilege_name[,privilege_name] BY user_name
  2. Schema Object Audit - Audit specific statement on a specific schema object
  3. Statement Audit - Audit any statement on a schema object.
  <BLOCKQUOTE><font size="1" face="Verdana, Arial, Helvetica">quote:</font><HR>Originally posted by Mirza Amer Baig ([email protected]):
  How I can audit users? Is there any way. I want to see users activities user has performed.
  -- Amer<HR></BLOCKQUOTE>
  For more info. refer to the documentation ;-)
  Naveen

• BC4J Audit Users Sample - How to use in a Class Diagram

  I downloaded/reviewed the BC4J sample for auditing users, and am trying to incorporate it into a Class Diagram,
  so I can explicitly show that my 'Entity' extends EntityAudit. When I create an 'EntityAuditImpl' Entity Object in the Class
  Modeller, and then try to indicate that my 'Entity' extends EntityAuditImpl, I get a null pointer exception when applying the change.
  Help! What is the proper way to express the relationship is a Class Diagram?

  Randy,
  It sounds as though you're trying to model the type of relationship where one entity object extends another one - which
  in this case isn't the right relationship. In this case only the Java classes are being extended. So if your new EO is
  called MyEO:
  EntityAuditImpl extends EntityImpl
  MyEOImpl extends EntityAuditImpl
  One way to model this relationship:
  1. Add a new entity object (MyEO) to your UML diagram
  2. On the diagram, double-click MyEO to edit your entity object
  3. In the entity object editor, select the Java page then click Extends...
  4. In the Base Classes dialog, click Browse... to the right of the Row field, and navigate to EntityAuditImpl
  5. Click OK, OK, OK to dismiss all of the dialogs.
  If you take a look at MyEOImpl.java you'll see that the class extends EntityAuditImpl.
  6. On the diagram, right-click MyEO and select Show Implementation Files. This adds MyEOImpl to the diagram.
  7. Now, right-click MyEOImpl and select Show Related Elements. This adds EntityAuditImpl to the diagram, and shows
  it as being the superclass of MyEOImpl.
  Hope this helps
  Blaise

• How do I enable "Audit user account logons" using PowerShell, to improve security?

  With successful hacking attacks more often employing valid Active Directory user credentials, it is quite helpful when administrators can
  easily poll user logon events. Rather than query
  every domain computer for its logon events, one can alter the Default Domain Controller Policy GPO to enable "Audit user account logons" (Success and Failure) then merely poll
  only the domain controller -- quite efficient. PowerShell helpfully has its Group Policy Module, including the following two cmdlets.
  1) Get-GPO "Default Domain Controllers Policy" will retrieve the top-level GPO object, but how do I enable that specific setting?
  2) Set-GPRegistryValue might be the right tool, but I cannot find any documentation on the values I need to supply to its parameters (-Name -Key -ValueName -Type -Value) to enable "Audit user account logons" -- both Successes and Failures.
  One can manually modify this setting using the Group Policy Management console GUI on the domain controller, but I am trying to upgrade my professional work habits to use stored scripts, rather than unrecorded point & clicks, so that my actions are repeatable
  and documented.
  Any pointers to documentation or an example would be welcome. I originally posted this question in the TechNet PowerShell Forum this afternoon, but someone recommended I copy it to the TechNet Group Policy Forum.
  Jeffrey - New Orleans MCITP Enterprise Administrator, Virtualization Administrator

  Hi Jeffrey,
  >>One can manually modify this setting using the Group Policy Management console GUI on the domain controller, but I am trying to upgrade my professional work habits to use stored scripts, rather than unrecorded point & clicks, so that my actions
  are repeatable and documented.
  Before going further, although you have expressed that you don't want to use GPMC GUI to configure the audit setting, in fact, it's an easy and comparatively handy method to set the setting. Besides, based on the description, you
  want to use PowerShell to do this. However, as far as I know, PowerShell can configure registry-based policy settings and Group Policy Preferences Registry settings, but audit policy security settings are not registry keys.
  Nonetheless, if we really don't want to use GPMC console to do this, we can use Auditpol.exe to set the audit setting.
  Regarding this point, the following article can be referred to for more information.
  Auditpol
  https://technet.microsoft.com/en-in/library/cc731451.aspx
  Auditpol set
  https://technet.microsoft.com/en-in/library/cc755264.aspx
  In addition, regarding Group Policy Cmdlets in Windows PowerShell, the following article can be referred to for more information.
  Group Policy Cmdlets in Windows PowerShell
  https://technet.microsoft.com/en-us/library/ee461027.aspx
  TechNet Subscriber Support
  If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
  Best regards,
  Frank Shen

• Auditing users

  hi
  i have a script that runs in BO to audit users list, and it ran fine until it exceed 1000 rows and i get this error :
  (The program failed to run and supplied the following information, crystalEnterprise 115. FW_InfoObjects.1: Item 1001 was not found in the collection.)24:4,
  is there a way of increasing the limit to over a thousand or unlimited.
  here is the script:
  // Get user list
  var IInfoStore;
  var resultquery;
  var users;
  IInfoStore = Session.Service("", "InfoStore");
  ResultQuery = "SELECT SI_NAME, SI_ID FROM CI_SYSTEMOBJECTS WHERE SI_KIND='User'"
  Users = IInfoStore.Query(ResultQuery);
  var rowcount;
  var i;
  rowcount=Users.ResultCount;
  for(i=1; i <= rowcount; i++)
      var line;
      var info;
      var dquote;
      info = Users.Item(i);
      line = '"' + info.Title + '"';
      Script.WriteLn(line);
  Thanks

  Try
  ResultQuery = "SELECT TOP 10000 SI_NAME, SI_ID FROM CI_SYSTEMOBJECTS WHERE SI_KIND='User'"

• Need help about audited user.

  Hello folks
  Some days ago I detected that some user was trying to connect to my database with incorrect credentials, I detected it ´cause that user was blocked after 5 attempts (defined at profile) . So, I audited it and I could find OS user name, username, userhost, terminal, IP but I need to know what modules are from he connected to database (sqlplus, toad, aplication, etc).
  Thanks for helping.

  It may be worth looking through the listener logs for that time frame to see if you can identify the program in use.

• Auditing user activity in Oracle 9i

  I need to provide some kind of measure of user activity in our Oracle DB.
  Essentially we are trying to find low consumers who perhaps have little or no need for access to the database, perhaps they do one enquiry a day or only access information once a week.
  However, if they log in every day, all day, it doesn't necessary mean they are a havy user of the database, they may never actually query or update anything.
  With that in mind, is it possible to provide activity auditing in Oracle 9i, with new or existing procedures?
  For one application our users share an Oracle account but their OS User would always identify them.
  So ultimately I would like to report:
  For last week Oracle DB usage of database XYZ is:
  User Os User Consumption
  ADAM Adam 1000
  GSPAM SpamG 900
  SLACKA ASlack 877
  PINT ASlack 876
  PINT Adam 854
  I have no idea one might measure consumption!
  Thanks

  cubittm, I have done what you are asking about.
  Depending on how much detail you want you can set up database event logon and logoff triggers to capture this information.
  On logoff you update a statistics row with the values from v$sesstat for the logging off session for those statistics you want to measure. Note, you will not be able to capture statistics for session that abnormally terminate since the logoff trigger does not fire in that case.
  All you actually need is a logoff trigger and one row per user to get totals. If you want details then you need one row per day or a set of rows for every logon/logoff depending on how much detail you want to collect.
  If you generate data for every logon/logoff the data quantity can build up very fast depending on your application user load. If the target table fills then no one can logon so make sure you have adequate space available and a purge process. This process will not work very well if everyone logs in via a single application id and connection pooling is in use.
  HTH -- Mark D Powell --

• Auditing User Licenses

  Hi all-
  Is there an easy way to audit/count the number of licenses you are currently using based on user provisioning? I tried to export security from shared services and use this data but I need to do a lot of data manipulation/lookups to apply group roles to users, sort data, etc..
  Thanks
  Jeff

  Hi Sanjay,
  Has this query of urs been resolved? I have a similar query & would also like to knw how to create ICSS Users.
  Kindly help.
  Thanks & Regards,
  SP

• New Audition User - Multitrack Fading

  In a multitrack session, how do I fade audio mid-clip? Ie not a fade in/out of audio but in middle?
  This Netia user is getting frustrated with Audition!

  DaveCussons1 wrote:
  This Netia user is getting frustrated with Audition!
  I've heard similar comments before from users of what could be termed 'broadcast assist' software, and I can't really say that I'm that surprised - that sort of software and Audition aren't really aimed in quite the same direction. Broadcast assist software has to be dead easy to use, especially in a panic situation, and essentially it achieves this by having limited functionality, but presented in a very user-friendly way - just as it should be. Audition though covers way more bases, and accordingly it can't help but be more complicated - even though the user interface is more friendly than some of its direct competition.
  So if you'll forgive the war-like comparison, I suppose that you could say that broadcast assist software could be described as a fixed bayonet compared to Audition's Swiss Army knife...

• Auditing user activity

  Hi,
  is there anyway to know that what dml/ddl command a user is executing and on which table the impact is taking place?
  regards,
  Edited by: user8983130 on Sep 9, 2012 12:35 AM

  user8983130 wrote:
  Hi,
  is there anyway to know that what dml/ddl command a user is executing and on which table the impact is taking place?
  http://docs.oracle.com/cd/E11882_01/network.112/e16543/auditing.htm#BCGHGJJH
  Aman....

• How to audit user activities

  hi,
  suppose a user login using Oracle ID and Password and can do insert, delete, drop, create, alter.
  from upper management, changing the grant permission is not an option.
  how do audit an user activites, on 10gR2 or 11gR2?
  thanks.

  See the security guide:
  http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/auditing.htm#i1011984
  also the SQL reference:
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_4007.htm#i2059073
  You will probably arrive at something like
  AUDIT TABLE BY username; -- audits CREATE and DROP
  AUDIT ALTER TABLE BY username;
  AUDIT INSERT TABLE BY username;
  AUDIT UPDATE TABLE BY username;
  AUDIT DELETE TABLE BY username;
  etc.
  Read the material carefully, so you understand 'statement auditing' versus 'privilege auditing', etc. There are multiple, overlapping concepts here.
  Audit records such as these can be reviewed in SYS.DBA_AUDIT_TRAIL.

• Is there a way to audit user accounts by last login date/time?

  Hello all,
  Is there a way to see or report on a user's last login.  I don't see a last login date parameter in the UM record.  I see that all security events are logged in the security log including logon and logoff, but what I need is to be able to produce a report that provides all user accounts which have not been logged on to since a specified date or # of days, i.e. since 01/01/2008 or >180 days.
  Any clues or guidance is appreciated.
  Regards,
  Paul

  Is there a SAP / Portal standard way of accessing this information?
  Our authorisations team have asked me to get them such a report, and I can't find anything on the portal (NW2004) that would give this information. I don't think the basis guys would be terribly chuffed to provide access directly to the database. If this (database access) is the only way, then I suppose a custom developed app could be created and deployed to the portal, but I would have thought this is a reasonalby sensible report so would be standard content somewhere.
  Cheers,
  Andrew

• How to audit users who enabled traces?

  hi hussein,
  I believe lots of our functional have enable some traces to debug their respective process. That's why our disk
  space get full easily (50Gb) logs. So I have to create a cron batch job to delete the background dump dest every
  hour.
  How do I list (using select) of database fnd tables which users enabled some traces? which may follow the following Note: 245974.1 >7.C
  2.      To generate comprehensive trace files perform the following steps:
  a.      In System Administrator / Profile / System - set the profile for the USER who will perform the action to generate the trace file.
  Profile = Initialization SQL Statement – Custom use the following text for the profile
  ALTER SESSION SET TRACEFILE_IDENTIFIER='TRACE_01'
  max_dump_file_size=unlimited
  EVENTS='10046 TRACE NAME CONTEXT FOREVER, LEVEL 8'
  b.      Note: Use / Edit / Edit Field to bring up a text box to paste in the 3 lines above easily, then press OK
  c.      Have that user launch the process and then exit the applicationsAs I might do it now too and may forget to turn it back off.
  Or this could be done at the back-end side on the database itself.
  Thanks a lot

  hussein,
  a.      In System Administrator / Profile / System - set the profile for the USER who will perform the action to generate the trace file.
  Profile = Initialization SQL Statement – Custom use the following text for the profile
  ALTER SESSION SET TRACEFILE_IDENTIFIER='TRACE_01'
  max_dump_file_size=unlimited
  EVENTS='10046 TRACE NAME CONTEXT FOREVER, LEVEL 8'I go to System Administrator / Profile / System , to enter field for the "USER" to will run the Concurrent Program. I am using the user "PROCESS_OPS" with password "welcome". But the Site must be entered first. What do I put on the site?
  Thanks
  Edited by: yxes2009 on Nov 4, 2009 12:08 PM