This is what I use ...
CREATE OR REPLACE TRIGGER DBT_USERS_LOGON
AFTER LOGON ON DATABASE
--
DECLARE
CURSOR cur_sess IS
SELECT *
FROM v$session
WHERE AUDSID = USERENV('SESSIONID')
AND USERNAME NOT IN ('HEARTBEAT');
--
recSesscur_sess%ROWTYPE;
--
PRAGMA
Dick
Four ideas for you:
1. Change the password on the schema account. Restrict who has it, threaten
those.
2. If the changes happen often, you can use LogMiner to search for more
details, like the specific time of change.
3. Excellent reason to force all non-PeopleTools usage to another
dick,
I haven't done this as yet, but why not use an on-logon trigger and
capture the username, the program, the machine etc from v$session?
Of course, the other thing you could do would be to place an entry in
product_user_profile and remove the ability to connect via sql*plus
and/or Toad?
Use a logon trigger to capture everything from v$session and you can look at
program name etc...it will be pretty easy to figure out who and when.
Something like this in the trigger...
select distinct sid into l_sid from v$mystat;
insert into session_log (select * from v$session where sid =
Dick,
I'm doing something similar. If your're on 8i+, this may work for you.
create table session_logon_audit (
usernamevarchar2(30) not null,
logon_date date not null--,
osuservarchar2(30),
machine varchar2(64),
program varchar2(64)
)
tablespace tools
/
Why to find who and when. the best thing is to restrict the access.
-Original Message-
Sent: Friday, August 09, 2002 10:44 PM
To: Multiple recipients of list ORACLE-L
Use a logon trigger to capture everything from v$session and you can look at
program name etc...it will be pretty easy
Dick,
Here is my database log-on trigger. It obviously saves stuff to a database
table for later review.
I developed this for your same reason - to catch people logging on via c
ertain account with an illegal tool.
Give it a try!
CREATE OR REPLACE TRIGGER WTWDBA.Wtw_Catch_Login_Trg
AFTER
another suggestion:
disable default roles.
grant create session to all users.
use application to enable roles with password.
hth,
gene
[EMAIL PROTECTED] 08/09/02 01:58PM
Why to find who and when. the best thing is to restrict the access.
-Original Message-
Sent: Friday, August 09,