auditing DBAs activities

kirna · #1 (**permalink**) 02-17-04, 06:22

Hi,

is there any possibility to audit db admin activities for a DB2 7.2 fixpack 6? i mean such table actions like insert, update, delete as well as select. i cannot use the db2 audit tool, since this tool by definition not report those actions for users with such authorization. I though about trigger, unfortunately trigger not cover select actions.

i'd be very gratefull for any help

wbr

jsander · #2 (**permalink**) 02-17-04, 07:05

Hi,

this is a tough one. You have got two options, none particularly appealing:

1) A statement event monitor
2) Hide away the tables and access them through user defined functions only (for select). The udfs would need to keep track of their actions. You will probably need application support for this, because you cannot reliably ask DB2 sql for user ids, even CURRENT USER won't work for this.

Johann

Quote:

Originally posted by kirna
Hi,

is there any possibility to audit db admin activities for a DB2 7.2 fixpack 6? i mean such table actions like insert, update, delete as well as select. i cannot use the db2 audit tool, since this tool by definition not report those actions for users with such authorization. I though about trigger, unfortunately trigger not cover select actions.

i'd be very gratefull for any help

wbr

kirna · #3 (**permalink**) 02-17-04, 07:52

Hi Johann,

thanks for the suggestion.

kirna

Quote:

Originally posted by jsander
Hi,

this is a tough one. You have got two options, none particularly appealing:

1) A statement event monitor
2) Hide away the tables and access them through user defined functions only (for select). The udfs would need to keep track of their actions. You will probably need application support for this, because you cannot reliably ask DB2 sql for user ids, even CURRENT USER won't work for this.

Johann

Internet Services

Web Development

Digital Marketing

Consumer Tech