22.5.2 Actions performed by the auditor
(1) Check the status of the audit trail files
Check the status of the audit trail files with the pdls -d aud command. Check the following:
- Whether or not there are data load waiting audit trail files
- Whether or not there are swappable audit trail files
For details about the statuses of audit trail files, see 22.6 Operation of audit trail files.
(2) Record data in the audit trail table (data load the audit trail table)
Record data (the output audit trail) in the audit trail table. Use the database load utility (pdload command) to load the data into the audit trail table from a data load waiting audit trail file. For details about the data load procedure, see 22.7 Recording data in the audit trail table.
(3) Use the audit trail table
(4) Swap audit trail files
Use the pdaudswap command to swap audit trail files. For example, to load the data from the current audit trail file to the audit trail table, swap audit trail files with the pdaudswap command and then perform the data load. The current audit trail file cannot be data loaded.
Note:
If either of the following conditions is satisfied, the pdaudswap command cannot be executed:
- There are no swappable audit trail files
- No audit trail files have been generated
(5) Manipulate the audit trail table
The auditor manipulates the audit trail table. For example, the auditor performs the following actions:
- Grant access privileges to the audit trail table
Only the SELECT privilege for the audit trail table, and for a view table that uses the audit trail table as the base table, can be granted to other users. The SELECT privilege can also be removed. The INSERT, UPDATE, and DELETE privileges cannot be granted to other users. The auditor adds and removes access privileges to the audit trail table. Access privilege to the audit trail table cannot be granted to anyone other than the auditor.
- Define indexes for the audit trail table
Indexes can be defined for the audit trail table. For details about the audit trail table columns, see 22.8 Audit trail table columns.
The audit trail table cannot be row partitioned, nor can the table definition be modified.
- Reorganize the audit trail table
The auditor reorganizes the audit trail table. Users other than the auditor cannot reorganize the audit trail table.
- Delete the audit trail table
The audit trail table can be deleted with DROP TABLE. The auditor deletes the audit trail table. Users other than the auditor cannot delete the audit trail table.
To re-create the audit trail table, the HiRDB administrator uses the pdmod command's create audit table statement.
(6) Add and delete audit events
Audit events can be added with CREATE AUDIT. Unnecessary audit events can be deleted with DROP AUDIT.
(7) Change the password
The auditor's password can be changed with GRANT AUDIT. The auditor changes the password.
(8) Delete the auditor's schema
If there is no audit trail table, the auditor's schema can be deleted. The auditor and DBA privilege holders can delete the auditor's schema.