This content has been marked as final. Show 7 replies
We are being audited by the IRS Safeguard team. They are telling us that if we are using XMLDB that we must set this log-level to 1 to capture unsuccessful login attempts. However, I want to read more about this setting in general to get more familiar with it. I don't know what the default level of 0 does; I don't know where the logs are generated; I don't know what other settings are available; etc. etc. etc.
Thanks for any help.
Apparently the IRS does know, once again, more then I do ;-)
Seriously; The status of 2007 does not have changed for this feature.
The following is a feature that does work: http://www.liberidu.com/blog/2010/01/17/ora-31098-internal-event-to-turn-on-xdb-tracing
Also you can enable the listener logging/tracing which will also mention login attempts (and TCP/IP#, FQDN info btw).
The XFiles demo XMLDB app also shows a method on how to program this feature via XDB events and stuff...
The needed info, probably, can also retrieved by implementing Database Vault or the Database Firewall software (and yes, security comes at a cost).
Edited by: Marco Gralike on Sep 20, 2012 3:07 AM
Thank you, Marco, for the information. Oracle Support stated the following in the SR I opened -- in case anyone is wondering:
This feature has not been implemented. Actually, it's being removed. If it's needed, an Enhancement Request could be pursued in which we'd need to specify why exactly it's needed and what information it should return. If approved, it would be implemented in some future release.
Thank you to you and Odie for your assistance!