Audit trigger
Hello,
LUW DB2 V8 FP13
I am trying to create audit triggers in order to find out which
user/application is deleting data from a table, as well as the
statement the user entered.
Here´s what I´ve done:
# create table AUD.T_BACKLOG_A UDIT (EVENT_TIME TIMESTAMP, USERNAME
VARCHAR(20), STATEMENT VARCHAR(251))
# CREATE TRIGGER TRG.TRACE_BACKL OG
AFTER DELETE ON ASSET.TBL_BACKL OG
FOR EACH STATEMENT MODE DB2SQL
BEGIN ATOMIC
insert into AUD.T_BACKLOG_A UDIT
select current timestamp, current user,
SUBSTR(VARCHAR( STMT_TEXT),1,25 0)
from TABLE(SNAPSHOT_ STATEMENT('ASSE T',-1)) as A,
TABLE(SNAPSHOT_ APPL_INFO('ASSE T',-1)) as B
where A.AGENT_ID=B.AG ENT_ID and APPL_ID=APPLICA TION_ID()
END;
But when regular users connect to the DB and execute a DELETE on
ASSET.TBL_BACKL OG, the following error message indicating lack of
privileges is returned:
SQL0723N An error occurred in a triggered SQL statement in trigger
"TRG.TRACE_BACK LO". Information returned for the error includes
SQLCODE
"-443", SQLSTATE "38553" and message tokens
"SNAPSHOT_APPL_ INFO|*_APPL_INF O|SQL1092 Re". SQLSTATE=09000
I do not wish to grant DB_ADM to this user. Event monitors are not an
option due to its overhead.
Any other way to achieve the same result? I want to audit delete
activity on a single table.
Thanks in Advance,
5  6473 
Michel Esber wrote:
Audit trigger
Hello,
LUW DB2 V8 FP13
I am trying to create audit triggers in order to find out which
user/application is deleting data from a table, as well as the
statement the user entered.
Here´s what I´ve done:
# create table AUD.T_BACKLOG_A UDIT (EVENT_TIME TIMESTAMP, USERNAME
VARCHAR(20), STATEMENT VARCHAR(251))
# CREATE TRIGGER TRG.TRACE_BACKL OG
AFTER DELETE ON ASSET.TBL_BACKL OG
FOR EACH STATEMENT MODE DB2SQL
BEGIN ATOMIC
insert into AUD.T_BACKLOG_A UDIT
select current timestamp, current user,
SUBSTR(VARCHAR( STMT_TEXT),1,25 0)
from TABLE(SNAPSHOT_ STATEMENT('ASSE T',-1)) as A,
TABLE(SNAPSHOT_ APPL_INFO('ASSE T',-1)) as B
where A.AGENT_ID=B.AG ENT_ID and APPL_ID=APPLICA TION_ID()
END;
But when regular users connect to the DB and execute a DELETE on
ASSET.TBL_BACKL OG, the following error message indicating lack of
privileges is returned:
SQL0723N An error occurred in a triggered SQL statement in trigger
"TRG.TRACE_BACK LO". Information returned for the error includes
SQLCODE
"-443", SQLSTATE "38553" and message tokens
"SNAPSHOT_APPL_ INFO|*_APPL_INF O|SQL1092 Re". SQLSTATE=09000
I do not wish to grant DB_ADM to this user. Event monitors are not an
option due to its overhead.
Any other way to achieve the same result? I want to audit delete
activity on a single table.
You could try setting the DB2_SNAPSHOT_NO AUTH registry variable to ON.
Alternatively, have a look here: http://publib.boulder.ibm.com/infoce...n/r0010018.htm
--
Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
You could try setting the DB2_SNAPSHOT_NO AUTH registry variable to ON.
>
Alternatively, have a look here:
http://publib.boulder.ibm.com/infoce...n/r0010018.htm
--
Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
Hello Knut,
Thanks for the quick reply. However, it did not work.
[db2inst1@julian apaes ]$ grep -i dbsite /etc/passwd
dbsite:x:501:50 1::/home/dbsite:/bin/bash
[db2inst1@julian apaes ]$ grep -i dbsite /etc/group
dbsite:x:501:
[db2inst1@julian apaes ]$ db2 "update dbm cfg using SYSMON_GROUP dbsite"
DB20000I The UPDATE DATABASE MANAGER CONFIGURATION command completed
successfully.
db2 connect to asset user dbsite using ***
db2 "select current timestamp, current user,
SUBSTR(VARCHAR( STMT_TEXT),1,25 0) from
TABLE(SNAPSHOT_ STATEMENT('ASSE T',-1)) as A,
TABLE(SNAPSHOT_ APPL_INFO('ASSE T',-1)) as B where A.AGENT_ID=B.AG ENT_ID
and APPL_ID=APPLICA TION_ID()"
SQL0443N Routine "SNAPSHOT_APPL_ INFO" (specific name "*_APPL_INF O")
has
returned an error SQLSTATE with diagnostic text "SQL1092 Reason code
or
token: DBSITE ". SQLSTATE=38553
What I am doing wrong?
I haven´t tried the registry option because it requires an instance
restart ...
Thanks,
Michel Esber wrote:
>
I haven´t tried the registry option because it requires an instance
restart ...
Changing SYSMON_GROUP requires an instance restart, too.
That's what the problem is.
Ian
Michel Esber wrote:
Audit trigger
Hello,
LUW DB2 V8 FP13
I am trying to create audit triggers in order to find out which
user/application is deleting data from a table, as well as the
statement the user entered.
I noticed you post and the idea looks interesting, however I only get
null for STMT_TEXT in SNAPSHOT_STATEM ENT. What does it take to get a
value there? I switched on monitors as:
db2 update monitor switches using statement on BUFFERPOOL on LOCK on
SORT on TABLE on UOW on
But I still dont get any value. Any ideas, anyone?
BTW, all snapshot functions take <dbnameas an argument. Is there a
current_databas e register or such that can be used instead of an actual
name?
/Lennart
Lennart wrote:
[...]
>
I noticed you post and the idea looks interesting, however I only get
null for STMT_TEXT in SNAPSHOT_STATEM ENT. What does it take to get a
value there? I switched on monitors as:
db2 update monitor switches using statement on BUFFERPOOL on LOCK on
SORT on TABLE on UOW on
But I still dont get any value. Any ideas, anyone?
Updating the dbm cfg seem to help :-)
BTW, all snapshot functions take <dbnameas an argument. Is there a
current_databas e register or such that can be used instead of an actual
name?
CURRENT_SERVER seem ok for the moment
/Lennart This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: raulgz |
last post by:
I need audit triggers that change columns value in the same record
that fire trigger.
I need how to do..
Thanks..
|
by: ecastillo |
last post by:
i'm in a bit of a bind at work. if anyone could help, i'd greatly
appreciate it.
i have a web app connecting to a sql server using sql server
authentication. let's say, for example, my login/password is
dbUser/dbUser. the web app however, is using windows authentication.
so if I am logged into the network as 'DOMAIN\Eric', when I access my
web app, my web app knows that I am 'DOMAIN\Eric'. but to the sql
server db, I am user...
|
by: Zlatko Matiæ |
last post by:
I tried to implement triggers for filling audit-trail table on this way.
Everything works fine as long as I don't update the primary key field value.
When I try to update PK value, an error occures.
The code is the following:
CREATE TRIGGER NameOfTheTrigger
ON dbo.TableName FOR DELETE, INSERT, UPDATE
AS BEGIN
declare
@type varchar(10) ,
|
by: Zlatko Matiæ |
last post by:
Hello.
I tried to implement audit trail, by making an audit trail table with the
following fileds:
TableName,FieldName,OldValue,NewValue,UpdateDate,type,UserName.
Triggers on each table were set to do the job and everything was fine except
that in the audit trail you couldn't know which row exacltly was
updated/inserted/deleted...Therefore I introduced 3 additional columnes
(RowMark1, RowMark2, RowMark3) which should identify the...
|
by: Jeff Magouirk |
last post by:
Dear Group,
I would like to create an audit table that is created with a trigger that
reflects all the changes(insert, update and delete) that occur in table.
Say I have a table with
Subject_ID, visit_number, dob, weight, height, User_name, inputdate
The audit table would have .
| | |
by: JohnO |
last post by:
Thanks to Serge and MarkB for recent tips and suggestions.
Ive rolled together a few stored procedures to assist with creating
audit triggers automagically. Hope someone finds this as useful as I've
found it educational.
Note:
- I build this for use in a JDEdwards OneWorld environment. I'm not
sure how generic others find it but it should be fairly generic.
- I use a C stored procedure GETJOBNAME to get some extra audit data,
|
by: Jim M |
last post by:
I've been playing with Allen Browne's audit code and found it very
useful. I need to track record insertions, deletions, and edits for
several tables. I am planning to replace Access with Microsoft SQL
server for my back end, but continue to use Access for the front end.
I understand I can create an audit trail of record changes in SQL at
the table level, instead of at the form level in Access.
I have been playing with Access since the...
|
by: Parag |
last post by:
Hello,
I have been assigned the task to design the audit trail for the ASP.NET web
application. I don't know what the best practices for such audit trails are.
Our application one dedicated user name and password to perform the database
operations. I need to capture all the operations which are performed on the
database. Also I need to able to capture the operations which directly
performed on the backend directly using the tools like...
|
by: JimLad |
last post by:
Hi,
I've been tasked with reviewing the Authentication and Auditing of an
application and database.
ASP/ASP.NET 1.1 app with SQL Server 2000 database. Separate audit trail
database on same server.
The system is intranet based and currently uses Basic Authentication on
IIS6. The application itself is mostly classic ASP, but has been
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
