Fine grained auditing: How to obtain specific accessed rows?
-K-Nov 8 2007 — edited Dec 17 2007Hi,
The law enforces us to audit access to personal data.
I understand the only way you can do this is with FGA, on SELECT.
The problem is that there's no obvious way of knowing what exactly got accessed.
For example, if we audit a CUSTOMERS table unconditionally, how do we know afterwards who accessed a certain customer?
We'd have to run all logged queries again to see if his record is in there. On top, the contents might have changed, so the same query won't get the same results over time. So we'd need Flashback Database too, right?
Am I missing something? Is there some dedicated package or tool for this?
Does anyone has experience with these requirements?
Is there a quick and easy way of getting this done, with the smallest impact possible on the database?
Thanks,
K.