Categories

JAVA DATEBASE
Technology Network Community
Oracle Database
Fusion Middleware
Development Tools
Java
Desktop
Server & Storage Systems
Enterprise Management
Berkeley DB Family
Cloud Computing
Big Data
Business Intelligence
Architecture
Migration and Modernization
E-Business Suite
Siebel
PeopleSoft Enterprise
JD Edwards World
Industries
JD Edwards EnterpriseOne
User Productivity Kit Pro (UPK) and Tutor
Governance, Risk & Compliance (GRC)
Master Data Management (MDM)
Oracle CRM On Demand
On Demand: SaaS and Managed Applications
AutoVue Enterprise Visualization
Primavera
ATG
Agile PLM
Endeca Experience Management
Fusion Applications
Archived Forums

 



Tags

General Questions


auditing problem


Hi, First of all, i've read in documentation that:  DROP ANY PROCEDURE 	Allows execution of DROP FUNCTION, DROP PACKAGE & DROP PROCEDURE commands in any schema.  Ok, i have: audit drop any procedure by roger by access; i connect with roger, i create a FUNCTION, then i drop it. But in dba_audit_object i see only the create function action, the DROP function isn't audited. I want to know why..  Thanks

i don't think this is again a bug.. can someone clarify me?

The description for DBA_AUDIT_OBJECT is the following:  DBA_AUDIT_OBJECT displays audit trail records for all objects in the database.  When you drop an object it is not in the database anymore, therefore you wouldn't expect a row in this view. The DBA_AUDIT_OBJECT view is based off of DBA_AUDIT_TRAIL with the following additional restrictions:  where (action between 1 and 16)    or (action between 19 and 29)    or (action between 32 and 41)    or (action = 43)    or (action between 51 and 99)    or (action = 103)    or (action between 110 and 113)    or (action between 116 and 121)    or (action between 123 and 128)    or (action between 160 and 162)   Check the DBA_AUDIT_TRAIL view for your DELETE action and check the action value. It's probably not in any of these ranges above.

select username, obj_name, action_name, sql_text from sys.dba_audit_trail where username = 'ROGER' and sql_text is not null   gives me only records with action:  CREATE FUNCTION CREATE FUNCTION CREATE FUNCTION CREATE FUNCTION CREATE FUNCTION CREATE PROCEDURE CREATE TABLE DROP TABLE  and sql text correspondingly:  "create or replace function t4(asfas varchar2(30)) return number is begin   return 5;   end; " "create or replace function t4(asfas varchar2(30)) return number is begin   return 5;   end; " "create or replace function t4(asfas varchar2(30)) return number is begin   return 5;   end; " "create or replace function t4(asfas varchar2(30)) return number is begin   return 5;   end;  drop function t4 " "create or replace function t4(asfas varchar2(30)) return number is begin   return 5;   end; " "create or replace procedure proc is begin   null; end; " "create table tabela1 (x1 number) " "drop table tabela1 "  Edited by: Roger22 on 06.07.2011 18:50

If I had to wager a guess it would be because you are creating/dropping objects in your own schema which wouldn't trigger the DROP ANY PROCEDURE system privilege.

I will test it.. however..: Allows execution of DROP FUNCTION, DROP PACKAGE & DROP PROCEDURE commands in any schema.

I've tested, and you are right. But it's strange, because if i create a TABLE on my own schema and then i drop it, this action is audited.. while the function/procedure dropping from my own schema not. I think i should ask some questions about auditing on Oracle Support, because they are not normal  Anyway thanks 

Roger22 wrote: I've tested, and you are right. But it's strange, because if i create a TABLE on my own schema and then i drop it, this action is audited.. while the function/procedure dropping from my own schema not. I think i should ask some questions about auditing on Oracle Support, because they are not normal  Any chance that you ran AUDIT TABLE and not AUDIT PROCEDURE by your user?  Anyway thanks   No problem.

well, audit table audits create table, delete (from) table and insert (into) table (also update table), and drop table, right?

Roger22 wrote: well, audit table audits create table, delete (from) table and insert (into) table (also update table), and drop table, right?  No. It audits the following: AUDIT - Table 13-1  CREATE TABLE  DROP TABLE  TRUNCATE TABLE 

Roger,  SYSTEM_PRIVILEGE_MAP lists available system privileges within the system, and DROP PROCEDURE is not a valid privilege, so therefore you cannot audit drop procedure.  Source:http://www.freelists.org/post/oracle-l/audit-drop-procedure-fails-with-ORA00956,4  Regards Girish Sharma


Related Links

TNS:protocol adapter error
backup database required recovery
corrupted segments
MODE IN OBIEE
Latest PSU available for 11gr2
Multiple select staement in 1 query
Define percentage in dba_profile for cpu_per_session, cpu_per_call
ORA-28575: unable to open RPC connection to external procedure agent
Insert Into Select with APPEND hint
Client Needs SSO setup to access application *** oracle db..Need your help.
select data from undo tablespace?
Sadow process in oracle
disk vs tape
can not connect via URL to Oracle Enterprise Manager
Oracle: Monitoring_Out of the box Reports
patch download