Skip to main content
📓 Tibero Online Manual Click here 📓

Search

Welcome to Tibero GTS!

DBMS Audit Overview and Feature Information

Document TypeㅣTechnical Information

CategoryㅣMonitoring/Inspection

Document NumberㅣTMOTI036

 

Overview

The Tibero Audit feature supports DBAs to monitor work history within the database and audit specific activities to collect data.
This can be utilized for enhancing security, detecting abnormal behavior, and regulatory compliance.
 
This document provides an overview and feature information of Tibero Audit.
Caution
  • When performing audit operations, I/O such as log recording occurs, which may degrade performance.
  • Audit requirements should be predefined by minimizing audit options, such as defining users to audit or auditing by SESSION unit.
 
 

Method

Types of AUDIT Features

Tibero supports auditing of system privileges (Privilege Audit) and auditing of schema objects (schema object audit).

Privilege Audit (Auditing System Privileges)

  • This refers to auditing system privileges such as system, session, role, database, etc.
  • You can specify which system privileges to audit, or audit all system privileges.
  • You can specify users to audit; if not specified, it applies to all users.
 

Schema Object Audit (Auditing Schema Objects)

  • This refers to auditing privileges on schema objects such as tables, views, sequences, etc.
  • You can audit all schema objects available for the object or specify the objects to be audited.
 

AUDIT Related Views

View
Description
user_audit_trail
View for querying audit records of the current user.
dba_audit_trail
View for querying all audit records.
user_obj_audit_opts
View for querying audit information on schema objects owned by the current user.
dba_obj_audit_opts
View for querying audit information on all schema objects.
dba_priv_audit_opts
View for querying audit information on system and user system privileges.

Note

The options in dba_obj_audit_opts are in the format [A/S]/[A/S].
  • The left side of ‘/’ indicates SUCCESSFUL, and the right side indicates NOT SUCCESSFUL.
  • A means By ACCESS, recording an audit each time the command is executed, and S means By SESSION, creating only one audit record per connected session.
Classification
By SESSION
By ACCESS
NONE
–/–
–/–
SUCCESSFUL
S/–
A/–
NOT SUCCESSFUL
–/S
–/A
SUCCESSFUL/NOT SUCCESSFUL
S/S
A/A

 

System Privileges Query Command

SQL> SELECT * FROM SYS.SYSTEM_PRIVILEGES;


Object Privileges Query Command

SQL> SELECT * FROM SYS.OBJECT_PRIVILEGES;

 

AUDIT Log

Log File Path

 /home/tibero/audit/audit_trail.log


Log File Description

Item
Description
SESS_ID
Session ID
SERIAL_NO
Serial Number identifying a specific Session
AUD_NO
Sequential number of the Audit Entry recorded after the session is opened
STMT_ID
Internal PPID of the Physical Plan parsed from the statement that generated the audit
CLIENT_ID
Client name
PRIV_NO
Privilege number required to execute the statement
ACTION
Indicates whether the statement was ultimately successful - S: Success / F: Failure
USGMT_ID
Undo Segment ID where undo for the current transaction is recorded
SLOTNO
Value identifying which slot among slots located in the segment
WRAPNO
Serial Number identifying the transaction


AUDIT Log Example

$ cat audit.log 
 
2014/08/19 11:00:57.708 
SESS_ID:[21] SERAIL_NO:[39856] AUD_NO:[3] STMT_ID:[1608] USER_NAME:[TEST]  
USER_HOST:[127.0.0.1] OS_USER:[tibero] CLIENT_ID:[tbsql] PRIV_NO:[3] ACTION:[S]  
OBJ_OWNER:[AUD] OBJ_NAME:[AUDIT_TB] USGMT_ID:[10] SLOTNO:[19] WRAPNO:[32] 
TSN:[158353] PID:[2845] SQLTEXT:[insert into AUD.AUDIT_TB values ( 1, 'TMAXDATA')]

 
 

Related to