Document Type | Technical Information
Category | Security
Applicable Product Version | 7FS02PS
Document Number | TSETI007
Overview
You can use the Tibero Audit (AUDIT) feature to automatically generate login records when a specified user logs in, and you can view these records.
[tibero7@rocky9.4:T724:/home/tibero]tbboot -version
Tibero 7 (DB 7.2.4) Build 303667
Linux bistro-build-centos_8.4 5.15.0-134-generic #145~20.04.1-Ubuntu SMP Mon Feb 17 13:27:16 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux version (little-endian)
Patch files (FS02PS_700093a FS02PS_700103a FS02PS_344166f FS02PS_700110a FS02PS_342949f)
Compiled with "cc -no-pie -ggdb -fstack-protector-all -fno-strict-aliasing -fno-omit-frame-pointer -pipe -O3 -D_OPT_COMPILED -U_FORTIFY_SOURCE -D_USE_VIP -Wall -W -Werror-implicit-function-declaration -Wno-unused-parameter -Wpointer-arith -Wdeclaration-after-statement -DHAVE_CONFIG_H -D_WORDSIZE=64 -D_OS_LINUX -D_LINUX_X86_64 -D_X86 -DUSE_ASSERT -DTSAM -DTSAM_NO_ESDS_SEQUENCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_USE_FSYNC -D_CHECK_LICENSE -D_STBLOG -D_TAC -DFD_SETSIZE=8192 -D_CM_OBSERVER -D_USE_FALLOCATE -D_GNU_SOURCE -D_GNU_SOURCE -D_GNU_SOURCE -D_GNU_SOURCE -DHAVE_EPOLL"
Compiled at Oct 13 2025 01:59:51 build seq 303667 init rev {2023-11-24}
Method
The CREATE SESSION system privilege is used at login, and by designating it as an AUDIT target, audit records are created.
Parameters
- AUDIT_TRAIL Parameter Format
| Property | Description |
| Parameter Type | String |
| Default Value | "NONE" |
| Class | Optional, Adjustable, Dynamic, System |
| Range NONE | NONE | DB | DB_EXTENDED | OS |
Usage Example
1. Enable the AUDIT Feature
Set the parameter value to โDBโ to configure the database as the audit record storage.
(If set to โOSโ, audit records are saved as log files)
SQL> show param audit_trail NAME TYPE VALUE --------------------------------------------------- -------- ---------- AUDIT_TRAIL STRING NONE SQL> ALTER SYSTEM SET AUDIT_TRAIL='DB'; System altered. SQL> show param audit_trail NAME TYPE VALUE --------------------------------------------------- -------- ---------- AUDIT_TRAIL STRING DB
2. Configure to record login when the user named tibero logs in
SQL> COL USER_NAME FOR A10 SQL> COL PRIVILEGE FOR A20 SQL> SELECT USER_NAME, PRIVILEGE, SUCCESS, FAILURE FROM DBA_PRIV_AUDIT_OPTS; 0 row selected. SQL> audit create session by tibero; Audited.
3. Confirm audit record settings
SQL> COL USER_NAME FOR A10 SQL> COL PRIVILEGE FOR A20 SQL> SELECT USER_NAME, PRIVILEGE, SUCCESS, FAILURE FROM DBA_PRIV_AUDIT_OPTS; USER_NAME PRIVILEGE SUCCESS FAILURE ---------- -------------------- ---------- ---------- TIBERO CREATE SESSION BY ACCESS BY ACCESS
4. Log in as the user named tibero(Perform on another terminal)
[tibero7@rocky9.4:T724:/home/tibero]tbsql tibero/tmax tbSQL 7 TmaxTibero Corporation Copyright (c) 2020-. All rights reserved. Connected to Tibero. SQL>
5. View login records
- You can check the audit records for the login performed in the previous step. col OS_USERNAME for a13 col USERNAME for a10 col USERHOST for a15 col TIMESTAMP for a22 col PRIV_USED for a15 col CLIENT_ID for a10 SQL> SELECT OS_USERNAME, USERNAME, USERHOST, TIMESTAMP, PRIV_USED, CLIENT_ID FROM DBA_AUDIT_TRAIL; OS_USERNAME USERNAME USERHOST TIMESTAMP PRIV_USED CLIENT_ID ------------- ---------- --------------- ---------------------- --------------- ---------- tibero7 TIBERO 127.0.0.1 2025-10-20:10:38:24 CREATE SESSION
6. Record to OS
(1) Change the parameter value to โOSโ to record login records as files outside the database.
SQL> ALTER SYSTEM SET AUDIT_TRAIL='OS'; System altered. SQL> show param audit_trail NAME TYPE VALUE -------------------------------- -------- ------------ AUDIT_TRAIL STRING OS
(2) Set the directory where login record files are stored.
SQL> !mkdir /home/tibero/audit SQL> alter system set AUDIT_FILE_DEST='/home/tibero/audit'; System altered.
(3) Check the size of the login record files.
SQL> show param AUDIT_FILE_SIZE
NAME TYPE VALUE
---------------------------------------------------------------------------------------------- -------- --------------------------------------------------------------------------------------------
AUDIT_FILE_SIZE INT32 1048576
SQL> select * from _vt_parameter where name='AUDIT_FILE_SIZE';
NAME TYPE
------------------------------ --------
DFLT_VALUE
-----------------------------------------------------------------
IS_OPTIONAL IS_ADJUSTABLE IS_DYNAMIC IS_HIDDEN BOUND GLOBAL
----------- ------------- ---------- ---------- -------- --------
VALUE
-----------------------------------------------------------------
INST_VALUE
-----------------------------------------------------------------
STATUS INST_STATUS
---------------- ----------------
RANGE
-------------------------------------------------------------------
AUDIT_FILE_SIZE INT32
104857600
1 1 1 0 SYS BOTH
1048576
1048576
CMD_MODIFIED CMD_MODIFIED
100K - 1G
(4) Log in as the tibero user. (Perform on another terminal)
[tibero7@rocky9.4:T724:/home/tibero]tbsql tibero/tmax tbSQL 7 TmaxTibero Corporation Copyright (c) 2020-. All rights reserved. Connected to Tibero. SQL>
(5) Check the login records.
[tibero7@rocky9.4:T724:/home/tibero/audit]ll -rlt total 8 drwx------. 19 tibero7 tibero 4096 Oct 20 10:50 .. drwxr-x---. 2 tibero7 tibero 23 Oct 20 10:54 . -rw-r-----. 1 tibero7 tibero 279 Oct 20 14:53 audit.log [tibero7@rocky9.4:T724:/home/tibero/audit]cat audit.log 2025/10/20 14:53:06.090 95 SESS_ID:[95] SERIAL_NO:[38579] AUD_NO:[1] STMT_ID:[0] USER_NAME:[TIBERO] USER_HOST:[127.0.0.1] OS_USER:[tibero7] CLIENT_ID:[] PRIV_NO:[-498] ACTION:[S] OBJ_OWNER:[] OBJ_NAME:[]USGMT_ID:[0] SLOTNO:[0] WRAPNO:[0] TSN:[64669] PID:[3914] SQLTEXT:[<NULL>]