Audit Logging Configuration Parameters v10
Use the following configuration parameters to control database auditing. See Summary of Configuration Parameters to determine if a change to the configuration parameter takes effect immediately, or if the configuration needs to be reloaded, or if the database server needs to be restarted.
Enables or disables database auditing. The values
csv will enable database auditing. These values represent the file format in which auditing information will be captured.
none will disable database auditing and is also the default.
logging_collector parameter must be set to
on to enable the
Specifies the directory where the log files will be created. The path of the directory can be relative or absolute to the data folder. The default is the
Specifies the file name of the audit file where the auditing information will be stored. The default file name will be
audit-%Y%m%d_%H%M%S. The escape sequences,
%m etc., will be replaced by the appropriate current values according to the system date and time.
Specifies the day of the week on which to rotate the audit files. Valid values are
none. To disable rotation, set the value to
none. To rotate the file every day, set the
edb_audit_rotation_day value to
every. To rotate the file on a specific day of the week, set the value to the desired day of the week.
every is the default value.
Specifies a file size threshold in megabytes when file rotation will be forced to occur. The default value is 0 MB. If the parameter is commented out or set to 0, rotation of the file on a size basis will not occur.
Specifies the rotation time in seconds when a new log file should be created. To disable this feature, set this parameter to 0, which is the default.
Enables auditing of database connection attempts by users. To disable auditing of all connection attempts, set
none. To audit all failed connection attempts, set the value to
failed, which is the default. To audit all connection attempts, set the value to
Enables auditing of database disconnections by connected users. To enable auditing of disconnections, set the value to
all. To disable, set the value to
none, which is the default.
This configuration parameter is used to specify auditing of different categories of SQL statements. Various combinations of the following values may be specified:
all. The default is
error. See Selecting SQL Statements to Audit for information regarding the setting of this parameter.
Use this configuration parameter to specify a string value that will be included in the audit log file for each entry as a tracking tag.
Bulk processing logs the resulting statements into both the Advanced Server log file and the EDB Audit log file. However, logging each and every statement in bulk processing is costly. This can be controlled by the
edb_log_every_bulk_value configuration parameter. When set to
true, each and every statement in bulk processing is logged. When set to
false, a log message is recorded once per bulk processing. In addition, the duration is emitted once per bulk processing. Default is set to
Specifies whether the audit log information is to be recorded in the directory as given by the
edb_audit_directory parameter or to the directory and file managed by the syslog process. Set to
file to use the directory specified by
edb_audit_directory, which is the default setting. Set to
syslog to use the syslog process and its location as configured in the
/etc/syslog.conf file. Note: In recent Linux versions, syslog has been replaced by rsyslog and the configuration file is in
Advanced Server allows administrative users associated with administrative privileges to audit statements by any user, group, or role. By auditing specific users, you can minimize the number of audit records generated. For information, see the examples under Selecting SQL Statements to Audit.
The following section describes selection of specific SQL statements for auditing using the