I've been searching for a document that will advise what the different log-level settings are that can be put into the xdbconfig.xml but I can't seem to find anything on this. The default level is set to 0 on install. That is what we current have it as. We are being required to make this a log-level of 1 but I don't know the implications of doing this.
Does anyone know where I can find more information regarding this? We have an Oracle 22.214.171.124 installation on AIX 7.1 -- any help would be appreciated.
We are being audited by the IRS Safeguard team. They are telling us that if we are using XMLDB that we must set this log-level to 1 to capture unsuccessful login attempts. However, I want to read more about this setting in general to get more familiar with it. I don't know what the default level of 0 does; I don't know where the logs are generated; I don't know what other settings are available; etc. etc. etc.
Unfortunately, the audit team is not a technical team. It is only a compliance team. I will open an SR with Oracle. I'll leave this open in case the others you mentioned do have an insight into this. Thanks again.
Apparently the IRS does know, once again, more then I do ;-)
Seriously; The status of 2007 does not have changed for this feature.
The following is a feature that does work: http://www.liberidu.com/blog/2010/01/17/ora-31098-internal-event-to-turn-on-xdb-tracing
Also you can enable the listener logging/tracing which will also mention login attempts (and TCP/IP#, FQDN info btw).
The XFiles demo XMLDB app also shows a method on how to program this feature via XDB events and stuff...
The needed info, probably, can also retrieved by implementing Database Vault or the Database Firewall software (and yes, security comes at a cost).
Thank you, Marco, for the information. Oracle Support stated the following in the SR I opened -- in case anyone is wondering:
This feature has not been implemented. Actually, it's being removed. If it's needed, an Enhancement Request could be pursued in which we'd need to specify why exactly it's needed and what information it should return. If approved, it would be implemented in some future release.