Pete,
I follow your steps to enable audit_trail = db in init.ora located in
ORACLE_HOME/dbs
and restart my Oracle database on solaris. After my database is up, I do the exact
query in your paper and results as followings:
====================================================================
SQL> select name,value from v$parameter
2 where name like 'audit%';
NAME
----------------------------------------------------------------
VALUE
--------------------------------------------------------------------------------
audit_sys_operations
FALSE
audit_file_dest
?/rdbms/audit
audit_trail
NONE
====================================================================
Please tell me what is possible causes that I fail to enable audit on my database.
Any comments are appreciated!
Many thanks!
Don
Pete Finnigan wrote:
> Hi
>
> You can get the ip address as follows:
>
> oracle:jupiter> sqlplus system/[EMAIL PROTECTED]
>
> SQL*Plus: Release 9.0.1.0.0 - Production on Wed Jun 25 20:45:54 2003
>
> (c) Copyright 2001 Oracle Corporation. All rights reserved.
>
> Connected to:
> Oracle9i Enterprise Edition Release 9.0.1.0.0 - Production
> With the Partitioning option
> JServer Release 9.0.1.0.0 - Production
>
> SQL> select sys_context('userenv','ip_address') ip,username,machine
> 2 from v$session
> 3 where sys_context('userenv','sessionid')=audsid;
>
> IP
> ------------------------------------------------------------------------
> --------
> USERNAME
> ------------------------------
> MACHINE
> ----------------------------------------------------------------
> 172.16.240.11
> SYSTEM
> jupiter
>
> SQL>
>
> you need to provide the service name when you log on otherwise the ip
> address is not available using sys_context.
>
> Also new with 9i as part of application contexts you can use the "using"
> clause of create role that a pl/sql package can be used to verify the
> user, for example something like this, typed in from memory so check the
> syntax!:
>
> create role some_role identified using sys.confirm_user;
>
> create or replace procedure confirm_user
> authid current user is
> lv_ipaddress varchar2(30);
> begin
> select sys_context('userenv','ip_address')
> into lv_ipaddress
> from sys.dual;
> if lv_ipaddress='172.16.140.1' then
> dbms_session.set_role('some_role');
> end if;
> end;
> /
>
> hth
>
> kind regards
>
> Pete
> --
> Pete Finnigan
> email:[EMAIL PROTECTED]
> Web site: http://www.petefinnigan.com - Oracle security audit specialists
> Book:Oracle security step-by-step Guide - see http://store.sans.org for details.
>
> --
> Please see the official ORACLE-L FAQ: http://www.orafaq.net
> --
> Author: Pete Finnigan
> INET: [EMAIL PROTECTED]
>
> Fat City Network Services -- 858-538-5051 http://www.fatcity.com
> San Diego, California -- Mailing list and web hosting services
> ---------------------------------------------------------------------
> To REMOVE yourself from this mailing list, send an E-Mail message
> to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
> the message BODY, include a line containing: UNSUB ORACLE-L
> (or the name of mailing list you want to be removed from). You may
> also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: Don Yu
INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
