Databases Reference
In-Depth Information
12
Auditing Categories
In the previous chapter you learned about several common regulations that
affect database auditing projects and how to use these requirements in the
context of defining an auditing project. It's time to see what auditing cate-
gories you may need to implement in your environment in order to comply
with these requirements. Because the database is so rich in functionality,
you can produce many types of audit trails for a database environment.
This does not mean that every category mentioned in this chapter is right
for you, but knowing what categories exist and how you can implement
them will help you address compliance requirements.
As mentioned in the previous chapter, the key to a good auditing
implementation is to understand what the requirements are and to use
reverse mapping to see what requirements you can check off using the
auditing categories listed in this chapter. This chapter can therefore be
used as a catalog from which you can pick audit trails to implement, and
possibly in what order.
12.1
Audit logon/logoff into the database
When you walk into a meeting in a corporate office, the first thing you're
asked to do is sign in at the front desk. Among other things, this ensures
that the company has a full log of anyone who came into the building,
which may be useful to track down and investigate “who done it” when
something goes wrong. This log usually records who you are, when you
came in, and when you left. The same process is true for any database, and
the first category of auditing that is required in most environments is a full
audit trail of anyone who has signed onto the database.
You will need to record two events for this audit category: an event for
the sign-on and an event for the sign-off. For each such event, you need to
save at least the login name used for signing on and a timestamp for the
Search WWH ::
Custom Search