Home » RDBMS Server » Security » difference between audit by access and audit by session
difference between audit by access and audit by session [message #151073] Tue, 13 December 2005 00:31 Go to next message
reena_ch30
Messages: 100
Registered: December 2005
Senior Member
Hi,

I wish to know the difference between audit by access and audit by statement. What all information can be maintained in aud$ table using by access and not by statement(or vice versa).Please help.


Regards,
reena
Re: difference between audit by access and audit by session [message #151086 is a reply to message #151073] Tue, 13 December 2005 01:04 Go to previous messageGo to next message
Mahesh Rajendran
Messages: 10707
Registered: March 2002
Location: oracleDocoVille
Senior Member
Account Moderator
http://download-west.oracle.com/docs/cd/B10501_01/server.920/a96521/audit.htm#1108
Re: difference between audit by access and audit by session [message #151170 is a reply to message #151086] Tue, 13 December 2005 09:15 Go to previous messageGo to next message
reena_ch30
Messages: 100
Registered: December 2005
Senior Member
Hi Mahesh,

I am giving the following statement:
audit create table
by session;

i login as scott and create 3 tables.There are 3 records inserted in aud$table(as in case of "By statement clause).As per the reference document there should be only 1 record for SQl statements of same type in 1 session .Please justify.


Regards,
reena


Re: difference between audit by access and audit by session [message #151250 is a reply to message #151170] Tue, 13 December 2005 23:57 Go to previous message
tarundua
Messages: 1080
Registered: June 2005
Location: India
Senior Member
I think you read the following portion of the docs :

The SESSION statement option is unique because it does
 not generate an audit record when a particular type of 
statement is issued; this option generates a single audit record
 for each session created by connections to an instance. An
 audit record is inserted into the audit trail at connect time 
and updated at disconnect time. Cumulative information about a 
session such as connection time, disconnection time, logical and 
physical I/Os processed, and more is stored in a single audit 
record that corresponds to the session.
To audit all successful and unsuccessful connections to and 
disconnections from the database, regardless of user, BY SESSION
(the default and only value for this option), enter the 
following statement:

AUDIT SESSION;


The above lines clearly says that only connection /disconnection information will be stored in a single row but the command you ran is the auditing for the creation of tables by session.

So if one session creates 3 tables then it has to have 3 records for each table creation otherwise how will you come to know about previous "Create table" commands.

I hope i made it clear but still if you have some doubts then you can post back.

regards,
tarun



[Updated on: Tue, 13 December 2005 23:58]

Report message to a moderator

Previous Topic: Help on using composite limits and resource costs
Next Topic: History of Passwords..
Goto Forum:
  


Current Time: Thu Mar 28 14:47:16 CDT 2024