Hi all,
11.2.0.1
We have a long debate today because the operations head would not approved the request of the IT auditor to revoke dba granted to app user "HR", as this might cause error to this critical app.
We have setup a test server for this app but it can not replicate exactly what is in PROD HR. Hence the test was also questionable.
Note that this dba role granted to app user "HR" generates lots of audit logs, causing disk space issue, as this app is connecting/disconnecting many times to the db 24X7.
One of the solution presented by the operations is to trick the database audit. They told us that to prevent logging lots of audits , we revoke the "DBA" role from "HR".
And create another role "ROLE1" but grant all the privileges given to dba to "ROLE1", then grant "ROLE1" to "HR". Is this possible and will the logging stopped?
Thanks a lot,
zxy