How to know if Fine Grain Auditing is used

Similar Messages

• Fine Grained Audit records to syslog

  Hello experts,
  I am working on Standard Auditing and Fine Grained Auditing on 11.2.0.3 databases on Red Hat x86_64.
  I am trying to send Fine Grained Audit records to syslog as for my Standard Audit records with audit_trail set to OS, but can't find any appropriate option.
  When I create FGA policies with the ADD_POLICY procedure of the DBMS_FGA package, the audit_trail parameter can only be set to DB or XML, as stated in [PL/SQL Packages and Types Reference|http://docs.oracle.com/cd/E11882_01/appdev.112/e25788/d_fga.htm#CDEIECAG].
  Does somebody know if it is possible to send FGA audit records to syslog directly:
  1. without using any additional product (e.g. Oracle Audit Vault)?
  2. without doing manual extraction from fga_log$ or DBA_COMMON_AUDIT_TRAIL?
  Thanks for any suggestion.

  Hi,
  Well, i did not used FGA yet.
  I used audit_Trail=db and the query SELECT username,extended_timestamp,owner,obj_name,action_name,sql_text FROM dba_audit_trail WHERE to_char(extended_timestamp, 'DD/MM/RR') = to_char(SYSDATE - 1, 'DD/MM/RR') ORDER BY timestamp)
  Then i wrote a procedure, and exported the results using utl_file .
  And i scheduled this procedure to run daily.
  It works pretty good, if you like the solution as ask for details.
  Hope that helps,
  Regards.

• Should I use the fine-grained auditing?

  I need to record the changes (of data) made to serveral tables by users. For example, I have to check the before and after images of the changes and what kind of transactions they do to cause the changes. Sould I program the logging procedure in the application or should I use the fine-grained auditing function of oracle to do it. I am not sure what this built-in function can do for me. Can anyone give me some advice on this? Thks.
  A beginner

  Why Fine-Grained Auditing?
  You may want to check standard auditing if it is suitable for you
  http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/cfgaudit.htm#BABCFIHB
  I don't think you can get pre and post update values of the affected data with Auditing.
  FGA is useful when you want to audit just a "subset" of the data in the table.
  (for instance, audit everyone that wants to get all records from EMP table where SALARY > 100000)
  Message was edited by:
  tekicora

• Fine-grained auditing

  Is there any way to audit more than one table using fine-grained auditing in oracle 10.2.0.
  Thnks in advance.

  sonidba wrote:
  Is there any way to audit more than one table using fine-grained auditing in oracle 10.2.0.
  Thnks in advance.Read this
  Re: use multiple tables in FGA Add_policy?

• How to know whether the current database is using a password file or not?

  How to know whether the current database is using a password file or not?

  The remote_password_file is the parameter that determines if you can use or not a password file. The values this parameter can have are NONE, SHARED, EXCLUSIVE. It is pretty obvious, if it is set to either SHARED or EXCLUSIVE the oracle instance has enabled the access through a password file for the SYSDBA and SYSOPER roles.
  ~ Madrid

• How to know which type of jdbc driver used in my application

  How to know which type of jdbc driver used in my application.

  My approach will be....
  Type1: you have to have ODBC s/w install on your machine...even the connection string starts with jdbc:odbc....so it can be identifed easily
  Type2: you have to install client s/w in your machine...if you are using oracle oci driver ...you need to install oracle client s/w
  Type3: you use servername / port to connnect to middleware
  Type4: you do not need any client s/w
  So, If your application works without any client s/w on your machine....you might be using Type4/Type3 driver.....otherwise Type2
  Someone pls add more ....

• How to know whether a particular query is using the aggregates

  hi all....
  im very new to this group so plz help me out.....anyway hi to all ....
  There are many aggreegates are there but how to know which query is using perticular a?gregates

  Hi,
  use query monitor screen RSRT and select the option execute + debug . and u can have the option of checking display aggreagates for that query!
  cheers,
  ravi

• How to know what level of optimization to use / which symbols to remove

  I probably should have asked this question along time ago, but how do you know what level of optimization to use and what symbols you can safely remove when compiling

  EDLundquist wrote:
  I probably should have asked this question along time ago, but how do you know what level of optimization to use and what symbols you can safely remove when compiling
  I have no direct experience with development for Macs, but based on my experience on other platforms, I'd use lower optimization and symbol removal early in the debugging process, increasing those as the program becomes more stable.

• How to know the list of scenario that use a KM

  In ODI work repository, from which table I can know a list of interfaces that use one IKM and from which table I can can know a list of package that use that interface? The reason for this question is I want to regenerate all scenarios impacted by that KM.
  Thanks

  Hi,
  try this:
  SELECT snp_scen.scen_name
  ,snp_scen.scen_version
  ,snp_package.pack_name
  ,snp_step.step_name
  ,snp_pop.pop_name
  ,snp_trt.trt_name
  FROM snp_scen
  INNER JOIN snp_package on snp_scen.i_package = snp_package.i_package
  INNER JOIN snp_step on snp_package.i_package = snp_step.i_package
  INNER JOIN snp_pop on snp_step.i_pop = snp_pop.i_pop
  INNER JOIN snp_trt on snp_pop.i_trt_kim = snp_trt.i_trt -- integration
                           or snp_pop.i_trt_kcm = snp_trt.i_trt --check
                           -- more joins here !

• Fine grained auditing on table, but I don't want it on view

  I have a table which contains sensitive information, and I want to audit all queries on it except the web account 'EJBUSER', so I created the below policy:
  begin
  dbms_fga.add_policy( policy_name => 'STAFF_LOGON_QRY_POLICY'',
  object_schema => 'CPY',
  object_name => 'STAFF_LOGON',
  statement_types => 'SELECT',
  audit_condition => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') != ''EJBUSER'' ');
  end;
  This does exactly what I want, but I also have a view off this STAFF_LOGON table (below) which users can query to see their own details.
  create or replace view CPY.V_STAFF_LOGON
  as
  select * from cpy.staff_logon
  where user_name = user;
  When a user queries this view, it also writes an entry to the dba_fga_audit_trail, but I only want to see queries against the base table, not the view.
  Is it possible to fga audit the base table only, and not the view?
  Edited by: stuartu on Feb 17, 2010 11:36 AM
  Edited by: stuartu on Feb 17, 2010 12:01 PM

  But does this delete the whole account from the cloud, or just from my device. I must make sure my husband doesn't loose all his business contacts which are in the iCloud device. Thanks.

• Fine Grained Auditing FGA - Which procedure or package caused the DML ?

  Hi All,
  I'm using FGA at column level. I'm trying to figure out all PL/SQL Subprograms like procedures, functions, packages, etc, which issued the SQL_TEXT in the dba_fga_audit_trail view.
  e.g.
  begin
  sys.dbms_fga.add_policy(
  object_schema => 'SCOTT',
  object_name => 'EMP',
  policy_name => 'SCOTT_EMP_POLICY',
  audit_condition => null,
  audit_column => 'SALARY',
  statement_types => 'UPDATE');
  end;
  The dba_fga_audit_trail view successfully displays all Update Statements in the SQL_TEXT column. However, as to which PL/SQL Subprogram it was issued from - this I don't know.
  Is there any way to determine this? Maybe through another system view?
  I tried replacing the SQL_TEXT with a lot of '%' for every space and every bind variable characters, so that I can do a LIKE in the DBA_SOURCE view, . . . but this didn't 100% worked.
  Many Thanks,
  Henry Wu

  Hi,
  Personnally i've never seen an automatic way for doing this...
  What you cando (but it can be very fastidious) is to declare constants (or IDs) for your differents package/procedure/function names and add them to your different DMLs commands.
  procedure TheProc is
  CurrentProc constant varchar2(100):='TheProc';
  begin
  update mytable set .... , proc_name=CurrentProc
  end;this is an old post but it might interrest you:
  Get current procedure

• How to know column name (not an expression) used by function-based index?

  Hi guys,
  Is there any way to know exact column name used by FBI? If I correct, there is SYS.ICOLDEP$ table that has mapping between index/table columns, but I don't see how it could be uniquely joined with the rest. I know about USER_IND_EXPRESSIONS, but the task is to know exact column name, not it's expression.
  This required by our so-called SQL preprocessing of DB schema update utility, which parses stmt (INSERT in our case) and should check against PK/UNIQUE key values.
  Thanks!

  I don't think this is possible in 10g or 11g because :
  1. dictionary keeps track of column number in index and not in table
  2. the expression used in CREATE INDEX is a system generated column
  You would have to parse the expression from USER_IND_EXPRESSIONS:
  SQL> create table t(x int, y int);
  Table created.
  SQL> create index fbi on t(y+1);
  Index created.
  SQL> column index_name format a10
  SQL> column column_name format a20
  SQL> column column_expression format a10
  SQL> select i.index_name, ic.column_name, ic.column_position as iccn, ie.column_position as iecn, ie.column_expression
    2  from user_indexes i , user_ind_columns ic, user_ind_expressions ie
    3  where i.index_name = ic.index_name
    4  and i.index_name = ie.index_name
    5  and i.index_name =  'FBI';
  INDEX_NAME COLUMN_NAME                ICCN       IECN COLUMN_EXP
  FBI        SYS_NC00003$                  1          1 "Y"+1

• How to know where a GL account is used

  hello all
  as FI is not my speciality, can someone explain to me how can I know where a GL account is being used? meaning, we link GL accounts to material groups via valuation class, is there a way to know which valuation class is linked to a specific GL account?
  thanks
  Alisa

  Hi,
  Am suprised, how come you are not able to see the valuation class.
  In Table T030 (initial screen) the first (row)filed is COA and fifth & Sixth (row) is G/L code.
  If you key in these values and execute, the system will display you all relevant details and the sixth column is Valuation class feild.
  When i checked in my system the following were displayed and i am able to see the valuation class.
  Client, Chart of Accts, Transaction, Val.Grpg Code, Acct modif, Valuation Class, G/L Account , G/L Account.
  Do check again.
  Regards,
  Gerardo

• How to know whether infotype record is created using PA30 or PA40

  Hi,
  can any one suggest is there any way to know how a record is created in database i.e by performing actions in  PA40 or from PA30.
  Thanks
  Deepthi

  Hmmmm...
  are you asking Record or actions???
  If records then forgot about PA40 it will perform actions not records.
  Coming back PA30-> TO create , modify display
                        PA20 -> TO DISPLAY.
  For PA30 -> after record is created come back to original pa30 screen input the Pernr number , Select/input  infotype number
  then click on the icon Overview button (or SHift + F8) then you can see the data , records.
  or you go and see in SE11 OR SE16 another direct method
  Regards
  sas

• How to know the status of stream played using NetStream.Play method ?

  I am playing stream data published by third party server
  similar to FCS by creating NetStream object and calling Play method
  on it. Now the problem is, sometimes I am not able to view the
  published stream by playing it using Play method. Also it does not
  call OnStatus method of NetSteam. How can I know the status(or
  result) of Play method ?
  Note: NetConnection gets created successfully. I get status
  of NetStream.Play.Start / Stop when I put local flv as a first
  parameter to Play method

  Hi
  There are SQL reports in the following zip which has SQLDeveloper reports for runtime objects such as mappings and process flows;
  http://www.oracle.com/technology/products/warehouse/htdocs/Experts/owb_sqldeveloper.zip
  Cheers
  David