2 Replies Latest reply: Jun 26, 2012 10:16 AM by Rasheed_ RSS

    Auditing the apps user in DB

    user13569998
      Hi - we have web application which uses oracle JDBC driver configured with common DB user called DBuser1.
      the web application has its users stored in OID called appsuser1, appsuser2,---appusersn.

      DB version 11.2.0.4

      I have 2 questions.

      1. if we are not capturing the application user in DB, Can we audit the application user who is inserting or updating table1 in DB.
      2. if we are capturing the application user in a column of table1, Can we audit the rows updated, inserted or deleted by all application users.

      let me know if there is any kind of documentation for this. ( I don't see audit vault concepts guide)

      Thanks in advance.
        • 1. Re: Auditing the apps user in DB
          Sunthar Tharmalingam
          1. if we are not capturing the application user in DB, Can we audit the application user who is inserting or updating table1 in DB. - Yes.
          2. if we are capturing the application user in a column of table1, Can we audit the rows updated, inserted or deleted by all application users. - Yes.
          Are you looking for yes/no answer or more?
          • 2. Re: Auditing the apps user in DB
            Rasheed_
            user fine grained audit with bellow package


            SQL> desc dbms_fga
            PROCEDURE ADD_POLICY
            Argument Name Type In/Out Default?
            ------------------------------ ----------------------- ------ --------
            OBJECT_SCHEMA VARCHAR2 IN DEFAULT
            OBJECT_NAME VARCHAR2 IN
            POLICY_NAME VARCHAR2 IN
            AUDIT_CONDITION VARCHAR2 IN DEFAULT
            AUDIT_COLUMN VARCHAR2 IN DEFAULT
            ...................................