Hi,

I would like to know if anyone has experience with auditing Select statements in DB2 UDB version 7.2 or higher for HP-UX.

Basically, we need to audit each attempt at reading a row containing sensitive information within given tables.

If a user performs a SELECT * FROM TABLE, then audit entries must be made in a separate audit table for each records returned by the select statement along with the USER ID of the account performing the SELECT statement.

It is very important for us to record the actual data returned and not just the action itself since the recording of the actual select statement does not give us a snapshot of the data that was available at the time the query was made.

If anyone can provide some guidance as to how this can be performed transparently (without the use of stored procedures!), be it with 3rd party tools or other means, I would really appreciate finding out!

Thanks in advance for your help!

Bruno

Are you sure this is a practical approach? What would you gain if someone would issue a 'select * from table' if this is a million records facttable.

Many people issue such a command just to see what is in the table in terms of fields/ general information. A second step would be to specify conditions to get at the proper records.

I believe version 8 has the ability to store SQL statements in the database itself, although this will not help in getting the exact info the user got at the moment of query-execution..........