This content has been marked as final. Show 7 replies
codrguy wrote:... Etc ...1) What sql text do you expect to get when a user is attempting to login?
1) How do i get sqltext to show and not be null?
2) Is there anyway to see the actual invalid username and password values attempted?
2) It's in the SYS.USER$ table, but I don't remember the query to get it, except for an invalid (non-existing) username.
To enable auditing of failed sign-on attempts:
1 - Add initialization parameters & bounce instance:
alter system set audit_trail=DB scope=spfile ;
2 - Enable auditing of failed logion attempts as SYSDBA:
SQL> audit create session whenever not successful;
3 - You can now view failed login attempts in dba_audit_trail:
OS_USERNAME USERNAME TERMINAL TO_CHAR(TIMESTAMP,'
--------------- --------------- --------------- -------------------
alex SCOTT xyz93 05-05-2012 16:21:13
I'm sorry to open this thread again but I cannot find information about my problem anywhere. I read that enabling tracking of failed logon attemps can be very resource-consuming so I would like to disable it now that I know the information I needed, is there a way to do that without disabling the whole audit process?
Thanks for your time.
I'm sorry to see you are hijacking a thread of more than a year old, and don't care to specify four digit database info and platform info, nor where you read this.
The observation doesn't make sense to me, because the only thing which is tracked is the error code of the login attemp, where 0 means successful.
Tracking invalid logins shouldn't need more resources.
Senior Oracle DBA