Friday, July 30, 2021
dbametrix
More
    HomeOracle DBA TipsORA-32028-AUDIT_SYSLOG_LEVEL

    ORA-32028-AUDIT_SYSLOG_LEVEL

    Hi friends,

    Great new feature of Oracle 11g.

    - Advertisement -
    dbametrix

    AUDIT_SYSLOG_LEVEL

    Auditing Oracle software owner’s activities. It traces all events and commands of sysdba,sysoper privileges.Generaly SYS.AUD$ table contains auditing activities.But as Oracle software owner (SYSDBA owned) can easily remove auditing data from this SYS.AUD$
    table.

    This parameter also privent hacker activity if it captures password of oracle software owner.When AUDIT_SYSLOG_LEVEL and AUDIT_SYS_OPERATIONS are combined, any commands
    run as user SYS may be audited using the syslog facility. Since the files used by syslog are owned by root, and a DBA usually does not have access to the root account, DBAs will not be able to remove traces of their activity. Of course, this also applies to intruders who have managed to break into a machine and have gained access to the account of the ORACLE software owner but not to the root account.

    AUDIT_SYSLOG_LEVEL enables OS audit logs to be written to the system via the syslog utility, if the AUDIT_TRAIL parameter is set to os. The value of facility can be any of the following: USER, LOCAL0- LOCAL7, SYSLOG, DAEMON, KERN, MAIL, AUTH, LPR,NEWS, UUCP or CRON. The value of level can be any of the following: NOTICE, INFO,
    DEBUG, WARNING, ERR, CRIT, ALERT, EMERG.

    - Advertisement -
    dbametrix

    Offcourse certain commands are accepted by Oracle otherwise you will get ORA-32028: Syslog facility or level not recognized error at database start time.

    Thanks and regards,
    Gitesh Trivedi
    http://www.dbametrix.com

    - Advertisement -
    dbametrix
    - Advertisment -
    dbametrix

    Most Popular

    Recent Comments