Table of Contents Previous Next



3.1.3.7.1 edb_audit
Range: {none | csv | xml}
Enables or disables database auditing. The values xml or csv will enable database auditing. These values represent the file format in which auditing information will be captured. none will disable database auditing and is also the default.
Default Value: edb_audit
Range: n/a
Default Value: audit-%Y%m%d_%H%M%S
Range: n/a
Specifies the file name of the audit file where the auditing information will be stored. The default file name will be audit-%Y%m%d_%H%M%S. The escape sequences, %Y, %m etc., will be replaced by the appropriate current values according to the system date and time.
Range: {none | every | sun | mon | tue | wed | thu | fri | sat} ...
Specifies the day of the week on which to rotate the audit files. Valid values are sun, mon, tue, wed, thu, fri, sat, every, and none. To disable rotation, set the value to none. To rotate the file every day, set the edb_audit_rotation_day value to every. To rotate the file on a specific day of the week, set the value to the desired day of the week.
Range: 0MB to 5000MB
Range: 0s to 2147483647s
Range: {none | failed | all}
Enables auditing of database connection attempts by users. To disable auditing of all connection attempts, set edb_audit_connect to none. To audit all failed connection attempts, set the value to failed. To audit all connection attempts, set the value to all.
Range: {none | all}
Default Value: ddl, error
Range: {none | ddl | dml | insert | update | delete | truncate | select | error | create | drop | alter | grant | revoke | rollback | all} ...
This configuration parameter is used to specify auditing of different categories of SQL statements as well as those statements related to specific SQL commands. To log errors, set the parameter value to error. To audit all DDL statements such as CREATE TABLE, ALTER TABLE, etc., set the parameter value to ddl. To audit specific types of DDL statements, the parameter values can include those specific SQL commands (create, drop, or alter). In addition, the object type may be specified following the command such as create table, create view, drop role, etc. All modification statements such as INSERT, UPDATE, DELETE or TRUNCATE can be audited by setting edb_audit_statement to dml. To audit specific types of DML statements, the parameter values can include the specific SQL commands, insert, update, delete, or truncate. Include parameter values select, grant, revoke, or rollback to audit statements regarding those SQL commands. Setting the value to all will audit every statement while none disables this feature.
3.1.3.7.10 edb_audit_tag
Use edb_audit_tag to specify a string value that will be included in the audit log when the edb_audit parameter is set to csv or xml.
Range: {file | syslog}
Specifies whether the audit log information is to be recorded in the directory as given by the edb_audit_directory parameter or to the directory and file managed by the syslog process. Set to file to use the directory specified by edb_audit_directory (the default setting). Set to syslog to use the syslog process and its location as configured in the /etc/syslog.conf file. Note: In recent Linux versions, syslog has been replaced by rsyslog and the configuration file is in /etc/rsyslog.conf.
For information on edb_log_every_bulk_value, see Section 3.1.3.6.2.


Table of Contents Previous Next