Statement Auditing
All types of auditing use the audit command to turn on auditing and noaudit to turn off auditing.
For statement auditing, the format of the audit command looks something like the following:
AUDIT sql_statement_clause BY {SESSION | ACCESS}
WHENEVER [NOT] SUCCESSFUL;
The sql_statement_clause contains a number of different pieces of information, such as the type
of SQL statement we want to audit and who we are auditing.
In addition, we want to either audit the action every time it happens (by access) or only once
(by session). The default is by session.
Sometimes we want to audit successful actions??”statements that did not generate an error
message. For these statements, we add whenever successful. Other times we only care if the
commands using the audited statements fail, either due to privilege violations, running out of
space in the tablespace, or syntax errors. For these we use whenever not successful.
For most categories of auditing methods, we can specify all instead of individual statement
types or objects if we truly want all types of access to a table or any privileges by a certain user
to be audited.
The types of statements we can audit, with a brief description of what statements are covered
in each category, are listed in Table 9-17. If all is specified, any statement in this list is audited.
However, the types of statements in Table 9-18 do not fall into the all category when enabling
auditing; they must be explicitly specified in any audit commands.
Pages:
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547