Standard auditing in logon trigger
362579Aug 8 2008 — edited Aug 8 2008Hi all,
I want to enable standard auditing with a logon trigger if other than 'usual' programs log in.
This is my code, but I can't see any job in em after login i.e. scott with sqlplus.
--**************************************************
create or replace TRIGGER sys.TRG_LOGON_DB AFTER LOGON ON DATABASE
DECLARE
log_sql ddl_log.used_sql%TYPE;
log_user ddl_log.user_name%TYPE;
log_osuser ddl_log.ddl_osuser%TYPE;
log_terminal ddl_log.ddl_terminal%TYPE;
log_program ddl_log.ddl_program%TYPE;
prg_name ddl_log.ddl_program%TYPE;
l_job number;
l_str varchar2(255);
PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
-- get Sessioninformation
select distinct
username,
program
into
log_user,
log_program
from
v$session
where
audsid=userenv('sessionid') AND OSUSER IS NOT NULL;
--log_user := SYS_CONTEXT('USERENV','CURRENT_USER');
log_osuser := SYS_CONTEXT('USERENV','OS_USER') ;
log_terminal := SYS_CONTEXT('USERENV','TERMINAL');
prg_name := upper(log_program);
IF prg_name <> 'OMS' AND prg_name <> 'W3WP.EXE' AND prg_name <> 'ORACLE@ORALINUX' and prg_name <> 'EMAGENT@ORALINUX'
and prg_name <> 'EMAGENT@ORALINUX (TNS V1-V3)'
THEN
l_str := 'begin execute immediate "AUDIT ALL BY ' ||log_user || ' BY ACCESS";end;';
dbms_job.submit( l_job, replace(l_str,'"','''') );
log_sql := l_str ;
insert into ddl_log
(ID, user_name, ddl_date, ddl_type, object_type, owner,
object_name, used_sql, ddl_osuser, ddl_terminal, ddl_program)
values (SEQ_DDL_LOG_ID.nextval,
log_user,
sysdate,
ora_sysevent,
ora_dict_obj_type,
ora_dict_obj_owner,
ora_dict_obj_name,
log_sql,
log_osuser,
log_terminal,
log_program);
commit;
END IF;
--exception
-- when others then
-- NULL;
end;
--**************************************************************************************
After logon of scott there is a new row in table ddl_log but no audit file (audit_trail = OS).
Setting auditing manually works fine.
Any idea whats wrong ?
Thanks in advance
Henning