capture login of terminal in audit trail when login through grid
hello all,
I am trying to understand how to enable some audit so we can capture OEM logins as well.
Here is my setup. Lets say my DB that i am auditing is called audit_db (audit trail set to DB)
sitting on host called host_db. and we have grid control agent on this box.
now my grid control is as this. Lets say my OMS and repository is on host called OMS_host.
we run query aginst dba_audit_session to get info as to who tried failed login attemps and stuff.
Now to the part that is not working.
-- this is the good part
When i intentionaly login to the audit_db with sqlplus client from my laptop with wrong username/password
that is captured. we get the username,os_username,userhost,terminal.
here is the sample output
username is the wrong user that i tried to login as
os_username is the my local username(ad account)
userhost is my_laptop_name
terminal is laptop_name
from above we can figure who was trying to login(failed).
-- this is the bad part
But lets say i try to login to audit_db through grid control and use wrong username/password.
that gets captured too(but not all of it). we get the username,os_username,userhost,terminal.
here is the sample output
username is the wrong user that i tried to login as
os_username is the user of OMS repository db(oracle)
userhost is oms_host
terminal is unknown
Now with the above info, we cannot figure out who tried to login with bad login credential.
what is that i have to do to capture in correct way?