...um, if you say so. That really didn't answer my question, though... I hope that your solution did not include assigning users SYSDBA privileges in order to merely track/audit them?
----- Original Message ----- To: "Multiple recipients of list ORACLE-L" <[EMAIL PROTECTED]> Sent: Monday, November 18, 2002 10:38 PM > Tim / All. > > I figured it out. > > Basically assign users SYSDBA privies and track accordingly. > > -----Original Message----- > Sent: Monday, November 18, 2002 7:44 PM > To: Multiple recipients of list ORACLE-L > > > please be a little more specific? what exactly is it that oracle won't do? > > ----- Original Message ----- > To: "Multiple recipients of list ORACLE-L" <[EMAIL PROTECTED]> > Sent: Monday, November 18, 2002 7:58 PM > > > > Tim - Thanks for the well worded response. Very, very helpful. > > > > So my next question: Are there any 3rd party applications available to do > > what Oracle won't? > > > > -----Original Message----- > > Sent: Monday, November 18, 2002 4:29 PM > > To: Multiple recipients of list ORACLE-L > > > > > > SYSDBA activities are not logged to the SYS.AUD$ table, even in Oracle9i > > with the AUDIT_SYS_OPERATIONS parameter set to TRUE. SYSDBA operations > are > > always logged to the OS audit trail, including access/modifications to the > > SYS.AUD$ table... > > > > The reason that these records are only logged to the audit trail (previous > > to Oracle9i, only connections as SYSDBA were logged) is because that is > the > > only way to protect the audit records review and (especially!) alteration > > from people with SYSDBA privilege. Someone with SYSDBA could alway muck > > with the contents of the SYS.AUD$ table, but they would not necessarily > have > > OS permissions to alter the audit records sent to the OS. > > > > ..which is why the command CONNECT INTERNAL went away with Oracle9i, to > > remove the last necessity for DBAs to be members of the OSDBA and OSOPER > > groups in the OS. Now, with 9i and CONNECT ... AS SYSDBA commands, you > can > > "lock down" the OS account and account-group that owns the Oracle software > > away from those with SYSDBA privileges, thus protecting the software > > distribution files, log files, trace files, and audit files from casual > > modification, if desired... > > > > ----- Original Message ----- > > To: "Multiple recipients of list ORACLE-L" <[EMAIL PROTECTED]> > > Sent: Monday, November 18, 2002 12:46 PM > > > > > > > Hello All, > > > > > > Do any of you have suggestions for a good way to monitor sysdba user > > > activities on the sys.aud$ table? Or, in terms of logging everything, > > what > > > would be the keypoints to log scrub on? > > > > > > Any suggestions would be wonderful. > > > -- > > > Please see the official ORACLE-L FAQ: http://www.orafaq.com > > > -- > > > Author: > > > INET: [EMAIL PROTECTED] > > > > > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > > > San Diego, California -- Mailing list and web hosting services > > > --------------------------------------------------------------------- > > > To REMOVE yourself from this mailing list, send an E-Mail message > > > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > > > the message BODY, include a line containing: UNSUB ORACLE-L > > > (or the name of mailing list you want to be removed from). You may > > > also send the HELP command for other information (like subscribing). > > > > -- > > Please see the official ORACLE-L FAQ: http://www.orafaq.com > > -- > > Author: Tim Gorman > > INET: [EMAIL PROTECTED] > > > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > > San Diego, California -- Mailing list and web hosting services > > --------------------------------------------------------------------- > > To REMOVE yourself from this mailing list, send an E-Mail message > > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > > the message BODY, include a line containing: UNSUB ORACLE-L > > (or the name of mailing list you want to be removed from). You may > > also send the HELP command for other information (like subscribing). > > -- > > Please see the official ORACLE-L FAQ: http://www.orafaq.com > > -- > > Author: > > INET: [EMAIL PROTECTED] > > > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > > San Diego, California -- Mailing list and web hosting services > > --------------------------------------------------------------------- > > To REMOVE yourself from this mailing list, send an E-Mail message > > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > > the message BODY, include a line containing: UNSUB ORACLE-L > > (or the name of mailing list you want to be removed from). You may > > also send the HELP command for other information (like subscribing). > > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > -- > Author: Tim Gorman > INET: [EMAIL PROTECTED] > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > San Diego, California -- Mailing list and web hosting services > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > -- > Author: > INET: [EMAIL PROTECTED] > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > San Diego, California -- Mailing list and web hosting services > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Tim Gorman INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
