Auditing a select statement
Hi,
Database version: 10.2.0.3
There are several application users in our database. Say A,B,C and D.
A,B and C query data from schema D. We want to audit the select queries fired by user A (in order to fetch data from D).
B and C can fire select statements but should not be audited.
How can I achieve this? Can dbms_fga a solution for this, is yes then how?
Regards,
Assuming that the "fireid" user is to be audited.
CONNECT sys/password AS SYSDBA
AUDIT ALL BY fireid BY ACCESS;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY fireid BY ACCESS;
AUDIT EXECUTE PROCEDURE BY fireid BY ACCESS;
we can see the audits according to the user you have provided.
for more reference visit ORACLE-BASE - Auditing in Oracle 10g Release 2
Similar Messages
-
Stop auditing select statements issued against SYS objects
Hi,
My current client has a requirement to track destructive updates (i.e. insert, update, delete) issued by users who can connect directly to the database. At the moment though, SELECT statements issued against SYS-owned objects are also being captured to the Oracle audit trail. For the time being at least these need to be disabled.
I've issued NOAUDIT SELECT TABLE/SEQUENCE and NOAUDIT SELECT ANY TABLE/SEQUENCE commands, as has a user with the SYSDBA privilege, and they're still being logged. Is there any way to switch these off? I don't know if it's significant (I'm not a DBA by trade) but the audit_sys_operations parameter is set to True.
My client is currently running Oracle Database 10.2.0.5.0 standard edition.
If anyone has any suggestions I'd be grateful.
Thanks in advance,
SteveHi,
Thanks for the input so far ...
@Eduardo and KarK ...
show parameter audit
audit_file_dest string D:\ORACLE\PRODUCT\10.2.0\ADMIN\USSUPM2\ADUMP
audit_sys_operations boolean TRUE
audit_trail string DB, EXTENDED
If we set audit_sys_operations to FALSE, won't that stop auditing of all actions carried out by, for example, someone who connects as SYSDBA? That is something that's still needed to be captured. Unfortunately they go to the WIndows Event Log but at least they're captured somewhere.
@Hemant
This auditing was in place before my client took me on, so I can't say what was used to initiate it unfortunately. What I can say though is that they absolutely don't want to turn off auditing by SYS- type users, just SELECT against SYS-owned objects.
Thinking simplistically, could I just write a script which trawls dba_objects for sys-owned tables, views and sequences and explicitly issues a noaudit select against what's found, and get one of the sysdba-type people we have access to to run it?
Thanks in advance (again)
Steve -
Is there any way to audit select statements
Hi
I need to audit select statements. My specific need is to know the results of every select executed on one table.
Example.
When a user executes select * from person where personid=5;
I need to be able to know who executed the query and the results obtained.
By activating audit options i can know the user, but i dont know how to store the consulted records.hi,
wanting to audit the results of select statements is ill-advised, apart from the fact it's virtually not possible to implement
(consider for example the use of bind variables) it has the following problems: it would cause a tremendous amount
of audit data, in the support practice we already advise customers to reconsider to even normally audit select table
for all users, since even recording the select statements itself is already a big volume in a typical deployment. Then
there's the performance impact as every statement wouild need to execute twice, once for the application / end
user and another time recursively to store the audit data. Short answer: don't do it.
greetings,
Harm ten Napel -
Tracking select statement on a table
Hi Guys,
I want to be able to keep track of the person (user) who runs a select statement on a table to retireve a specific person.
For example. I have a table where I store list of customers. Several people have the ability to run select statement on this table. I want to know (store) who ran a select statement on this table to retieve customer "Bob".
How can I do this. Is this possible in oracle??
ThanksThanks for your reply,.
we are using oracle 10g
I have looked at the statement auditing, but this is for a specific table. meaning everyone who runs a select statement on that table will be report. I dont want that.
I want everyone who runs a select statement to get a specific person from that table. for example
select last_name from customers where customers.first_name = 'BOB'
Thanks -
If statement in select statement alias
I have the following select statement. It has the alias Survivors, Deaths and "All Cases". Is it posible to use :P_LANGUAGE variable to say that -- IF :P_LANGUAGE = FRENCH THEN alias are Survivants for survivors, Décès for Deaths, Tous_les_cas for All Cases. Please advise
SELECT ALL T_NTR_MULTIBAR.CAT, T_NTR_MULTIBAR.NUM_CASES_LEFTBAR AS Survivors,
T_NTR_MULTIBAR.NUM_CASES_MIDDLEBAR AS Deaths, T_NTR_MULTIBAR.NUM_CASES_RIGHTBAR AS "All Cases"
FROM T_NTR_MULTIBAR
WHERE INSTANCE_NUM = :P_INSTANCENUM
order by ORDERSYou may not be able to add this condition inside the SQL Statement. But you can add this condition outside the statement, if you're using PL/SQL...
IF :p_language = french THEN
SELECT ALL t_ntr_multibar.cat,
t_ntr_multibar.num_cases_leftbar AS survivors,
t_ntr_multibar.num_cases_middlebar AS deaths,
t_ntr_multibar.num_cases_rightbar AS "All Cases"
ELSE
END IF; -
How to get all values from an interval using select statement
Hi,
Is it possible to write a select statement that returns all values from an interval? Interval boundaries are variable.
something like this:
select (for x in 1,1024 loop x end loop) from dual
(this, of course, doesn't work)
The result in this example should be 1024 rows of numbers from 1 to 1024. These numbers are parameters, so it is not possible to create a table with predefined values.
Thanks in advance for your help,
Mia.For your simple case, with a lower boundary of 1, you can use:
SELECT rownum
FROM all_objects
WHERE rownum <= 1024For a set of number between say 50 - 100, you can use something like:
SELECT rownum + (50 - 1)
FROM all_objects
WHERE rownum <= (100 - 50 + 1)Note, that all_objects was used only because it generally has a lot of rows. Any table with at least the number of rows in your range will work.
TTFN
John -
Select statement operators in ecc 6.
Hi Experts,
I have a small doubt about the '>=' ( greater than or equal to ) operator usage in select statement. Is this operator by any chance perform not as desired in ECC 6.0. Is it a good option to use 'GE' instead of '>='. ?
It may sound a bit awkward, but still I would like to know. I am facing a situation, which could be related to this. An early response would be highly appreciated.
I would request,you NOT TO REPLY with links/explanations which says how to use select statement. Only answer if you have the answers related to this query.
Regards,
Sandipan>
Jaideep Sharma wrote:
> Hi,
> The only difference is GE will take a little more time than >= as system need to convert the keyword into actual operator when fetching data from Database.
>
> KR Jaideep,
????? Every Open SQL statements is translated to the SQL slang the underlying database is talking regardless if you type GE or >=
If the result differs using >= or GE i would open a call at SAP instead of asking in SDN. -
How to find the number of fetched lines from select statement
Hi Experts,
Can you tell me how to find the number of fetched lines from select statements..
and one more thing is can you tell me how to check the written select statement or written statement is correct or not????
Thanks in advance
santoshHi,
Look for the system field SY_TABIX. That will contain the number of records which have been put into an internal table through a select statement.
For ex:
data: itab type mara occurs 0 with header line.
Select * from mara into table itab.
Write: Sy-tabix.
This will give you the number of entries that has been selected.
I am not sure what you mean by the second question. If you can let me know what you need then we might have a solution.
Hope this helps,
Sudhi
Message was edited by:
Sudhindra Chandrashekar -
Use of LIKE in where clause of select statement for multiple records
Hi Experts,
I have a account number field which is uploaded from a file. Now this account numbers uploaded does not match fully with sap table account numbers but it contains all of the numbers provided in the file mostly in the upright positions.
For example in file we have account number as 2ARS1 while in sap table the value is 002ARS1.
And i want to fetch data from sap table based on account number uploaded. So, i am trying to use LIKE with for all entries but its not working as mentioned below but LIKE is not working with FOR ALL ENTRIES.
data : begin of t_dda occurs 0,
dda(19) type c,
end of t_dda.
data : begin of t_bukrs occurs 0,
bukrs type t012k-bukrs,
end of t_bukrs.
data : dda type t012k-bankn,
w_dda type t012k-bankn.
CONCATENATE '%'
'2ARS1'
INTO W_DDA.
MOVE W_DDA TO T_DDA-DDA.
APPEND T_DDA.
CLEAR T_DDA.
free t_bukrs.
SELECT BUKRS
FROM T012K
into TABLE t_bukrs
for all entries in t_dda
WHERE BANKN like t_dda-dda.
Can anybody suggest what should i use to get the data for multiple account numbers using one select statement only instead on using SELECT UP TO 1 ROWS in LOOP....ENDLOOP ?
Thanks in advance,
AkashHi,
yes, For All entries won't work for LIKE with '% '.
I think the other alternative is go for Native SQL by writing sub-query
sample code is here:
data: begin of i_mara occurs 0,
matnr like mara-matnr,
matkl like mara-matkl,
end of i_mara.
exec sql.
select matnr, matkl from mara where matnr in (select matnr from marc) and matnr like '%ma' into :i_mara
endexec.
loop at i_mara.
write:/ i_mara-matnr, i_mara-matkl.
endloop.
hope u got it.
regards
Mahesh
Edited by: Mahesh Reddy on Jan 21, 2009 2:32 PM -
What is the use of additon in up to 1 rows in SELECT statement
Hi All,
What is the use of up to 1 rows in select statement.
for example
SELECT kostl
FROM pa0001
INTO y_lv_kostl UP TO 1 ROWS
WHERE pernr EQ pernr
AND endda GE sy-datum.
ENDSELECT.
I'm unable to get in wat situations we hav to add up to 1 rows
please help me out...
Thanks,
santosh.Hi,
Use "select up to 1 rows" only if you are sure that all the records returned will have the same value for the field(s) you are interested in. If not, you will be reading only the first record which matches the criteria, but may be the second or the third record has the value you are looking for.
The System test result showed that the variant Single * takes less time than Up to 1 rows as there is an additional level for COUNT STOP KEY for SELECT ENDSELECT UP TO 1 ROWS.
The 'SELECT .... UP TO 1 ROWS' statement is subtly different. The database selects all of the relevant records that are defined by the WHERE clause, applies any aggregate, ordering or grouping functions to them and then returns the first record of the result set.
Regards,
Bhaskar -
Secondary Index Select Statement Problem
Hi friends.
I have a issue with a select statement using secondary index,
SELECT SINGLE * FROM VEKP WHERE VEGR4 EQ STAGE_DOCK
AND VEGR5 NE SPACE
AND WERKS EQ PLANT
%_HINTS ORACLE
'INDEX("&TABLE&" "VEKP~Z3" "VEKP^Z3" "VEKP_____Z3")'.
given above statement is taking long time for processing.
when i check for the same secondary index in vekp table i couldn't see any DB index name with vekp~z3 or vekp^z3 or vekp____z3.
And the sy-subrc value after select statement is 4. (even though values avaliable in VEKP with given where condition values)
My question is why my select statement is taking long time and sy-subrc is 4?
what happens if a secnodary index given in select statement, which is not avaliable in that DB Table?Hi,
> ONe more question: is it possible to give more than one index name in select statement.
yes you can:
read the documentation:
http://download.oracle.com/docs/cd/A97630_01/server.920/a96533/hintsref.htm#5156
index_hint:
This hint can optionally specify one or more indexes:
- If this hint specifies a single available index, then the optimizer performs
a scan on this index. The optimizer does not consider a full table scan or
a scan on another index on the table.
- If this hint specifies a list of available indexes, then the optimizer
considers the cost of a scan on each index in the list and then performs
the index scan with the lowest cost. The optimizer can also choose to
scan multiple indexes from this list and merge the results, if such an
access path has the lowest cost. The optimizer does not consider a full
table scan or a scan on an index not listed in the hint.
- If this hint specifies no indexes, then the optimizer considers the
cost of a scan on each available index on the table and then performs
the index scan with the lowest cost. The optimizer can also choose to
scan multiple indexes and merge the results, if such an access path
has the lowest cost. The optimizer does not consider a full table scan.
Kind regards,
Hermann -
BI Publisher : SELECT statement in RTF template
Hi Guys
I have written a BI Publisher Report using XML file created from Oracle Reports(in Oracle Apps).
Repors runs from Oracle Apps perfectly ok. Now I need to fetch some data from couple of tables and display on the Report.
I am wondering whether I can directly code SELECT statement in RTF file rather than messing with Oracle Report(.rdf) file.
Please advise.
Thanks and Regards
VijayHey Vijay,
You cannot query in RTF using select :)..
You have to mess/play with RDF to do it ;)
Oh wait, did i say , we cannot in RTF, we can , but that is difficult approach to go with., keep this as an end of the world option. -
Can we use is null in our select statement in ABAP program
hi,
I want to use 'is nul' or 'not null' in select statement of my ABAP program for any field. I have written below query but I am getting sy-subrc = 4 and getting no data. Can anyone resolve this.Hi,
I think you've posted your question on the wrong forum. This is the SAP Business One development forum which is not part of ERP and doesn't include any ABAP or Netweaver programming.
For a list of forums please see here:
http://forums.sdn.sap.com/index.jspa
Kind Regards,
Owen -
Performance issue - Select statement
Hi I am having the 10 lack records in the KONP table . If i am trying to see all the records in SE11 , it is giving the short dump TSV_TNEW_PAGE_ALLOC_FAILED . I know this is because of less memory in the Server . Is there any other way to get the data ? How to optimise the below SELECT statement if i have large data in the table .
i_condn_data - is having 8 lack records .
SELECT knumh kznep valtg valdt zterm
FROM konp
INTO TABLE i_condn_data_b
FOR ALL ENTRIES IN i_condn_data
WHERE knumh = i_condn_data-knumh
AND kschl = p_kschl.
Please suggest .Hi,
try to use "UP TO n ROWS" to control the quantity of selected data in each Loop step.
Something like this:
sort itab by itab-knumh.
flag = 'X'.
while flag = 'X'.
SELECT knumh kznep valtg valdt zterm
FROM konp
INTO TABLE i_condn_data_b UP TO one_million ROWS
WHERE knumh > new_value_for_selection
AND kschl = p_kschl.
describe table i_condn_data_b lines i.
read table i_condn_data_b index i.
new_value_for_selection = i_condn_data_b-knumh.
*....your logic for table i_condn_data_b
if one_million > i.
clear flag.
endif.
endwhile.
Regards -
Retrieving multiple values from one column in SELECT statement
Hi,
I have a slight dilemma in that I'm trying to pull down all the values from a column from a select statement that includes some JOINS in it.
If I run the query at the SQL Plus prompt, it pulls back all the values/rows.
When I run the select (and prepared ) statement in my JSP, it only pulls back one of the 4 values I'm trying to retrieve.
e.g.
at the DB level :
SELECT role_name, CC_ID FROM votetbl a
INNER JOIN APPROVERS b ON
a.BUSVP = b.BUSVP AND
a.BRANCH = b.BRANCH
WHERE CC_ID = 1688this will return:
ROLE_NAME CC_ID
ops 1688
ops 1688
comply 1688
legal 1688
comply 1688
When run in my JSP, like so:
String primID3a = request.getParameter("primID");
Statement stmtovoter = connection.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_READ_ONLY);
String prepvotSQL = "SELECT role_name, CC_ID FROM votetbl a INNER JOIN APPROVERS b ON a.BUSVP = b.BUSVP AND " +
"a.BRANCH = b.BRANCH WHERE CC_ID = ?";
PreparedStatement prepvotstmt = connection.prepareStatement(prepvotSQL);
prepvotstmt.setString(1, primID3a);
ResultSet rest3 = prepvotstmt.executeQuery();
rest3.next();
String votecat = rest3.getString(1);
out.println("Vote category: "+votecat);I only get ops returned.
Do I need to run an enumerator? Or reqest.getParameterValues or use a while statement around the results set?
Any feedback and direction here is welcomed!
Thanks!Actually, I tried looping and still only get 1, but returned several times.
i.e.
PreparedStatement prepvotstmt = connection.prepareStatement(prepvotSQL);
prepvotstmt.setString(1, primID3a);
ResultSet rest3 = prepvotstmt.executeQuery();
rest3.next();
String votecat = rest3.getString(1);
while (rest3.next()) {
out.print("category roles "+votecat);
}then I get returned the following:
admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admincategory roles admin
like so.
Where as at the DB level I get
ROLE_NAME CC_ID
admin 1688
ops 1688
ops 1688
ops 1688
ops 1688
ops 1688
ops 1688
ops 1688
risk 1688
comply 1688
legal 1688
legal 1688
ops 1688
comply 1688
Maybe the while should go around the getString(1) designation? But I was thinking I'd tried that and gotten invalid cursor error
Something is definitely amiss, between the prepared statement in the servlet and the SELECT statement at the DB level.
I can totally hardcode the statement in the servlet or JSP and it will return one value potentially several times, but only one.
Other times, it will not return a value at all, even though one resides in the db.
Yet go to the DB/SQL Plus prompt and it returns perfectly. I can simply copy and paste the SELECT statement from the out.print line I made and it works like a champ in SQL Plus. Any ideas why the same exact thing cannot return the proper values within the servlet/JSP?
Yeeeeeeesh!!! : (
Message was edited by:
bpropes20
Maybe you are looking for
-
This is big mistake from verizon
i have the service for more than year and im very disappointed with this company...... my question is why verizon keep charge me all moths different amount? what's the different every month?
-
AS2 swf problem under AS3 swf (probably Tweener problem)
Hello. I have this problem for a days and it hasn't been soluted yet although I put it on couple of forums. I have 3 files: test.fla, file_as2, file_as3. The test.fla file is a typical Loader, which loads external swf files and shows them on the scre
-
My email links fail to open Firefox 11. They used to last week but IE updated and now links in my outlook emails do not open Firefox 11 even though it's my default browser. When I change to IE as the default the links open IE. Your assumptions about
-
Is there a way to make all email lettering BOLD?
My eye site is not as good as it use to be. Is there a way to make the printing bold all the time?
-
Scatter chart with different markers styles
Hello, I am using Oracle Apex 4. i have created a scatter chart with three series i want to use different marker style for each serie : the first is circle the second is across the third is square. Any suggestions please. Thanx..