11 Replies Latest reply on Jan 7, 2013 11:53 AM by Srini Chavali-Oracle

    Oracle Auditing to File from Application Tier

      I've exhausted all my searching capabilities and hoping someone can help. I have enabled OS level auditing on my Oracle EE database. I have an E-Business application tier. What is happening is a call is being made from somewhere on my application tier (based on my audit file) but I have no clue where it is originating from on my apps tier. The bad thing is that it keeps being called and am getting an ORA-01017 for the apps password. Somewhere, something is making this call...I just need to figure out where the call is coming from. I get a session_id from the aud file, which appears to not be useful. A snippet is below:

      LENGTH: "305"
      SESSIONID:[9] "152286629" ENTRYID:[1] "1" STATEMENT:[1] "1" USERID:[4] "APPS" USERHOST:[26] "axel01.company.com" ACTION:[3] "100" RETURNCODE:[4] "1017" COMMENT$TEXT:[100] "Authenticated by: DATABASE; Client address: (ADDRESS=(PROTOCOL=tcp)(HOST=10.10.x.x)(PORT=58860))" DBID:[9] "752447730"

      I need to find the module calling this....Any assistance greatly appreciated