Nonstop Database, HiRDB Version 9 System Operation Guide


24.1.5 Accessing an audit trail

The audit trail is output to an audit trail file. The data in an audit trail file can be accessed using SQL after the data has been loaded into the audit trail table by the database load utility (pdload command). The auditor can reference an audit trail table (but cannot modify it). A user other than the auditor can access (but cannot modify) an audit trail table if the auditor has granted access privilege to that user. The following figure shows how to access the audit trail.

Figure 24-2 Accessing the audit trail

[Figure]

Explanation
  1. When audited events are executed, an audit trail is output to an audit trail file. An audit trail file is created in a HiRDB file system area for audit trail files. For details about audited events, see 24.1.7 Audited events.
  2. The audit trail written to an audit trail file is the input to the database load utility (pdload command), which loads the data into the audit trail table. For details, see 24.7 Recording data in the audit trail table.
    HiRDB can also automatically register data in the audit trail table. For details, see 24.1.8 Facility for automatically loading audit trail table data.
  3. The auditor uses the audit trail table to review the audit trail. For details about the audit trail table, see 24.8 Audit trail table columns.

The following table shows the differences between an audit trail table and other tables.

Table 24-1 Differences between an audit trail table and other tables

| Action on table | Audit trail table | Other tables |
|---|---|---|
| Defining a table | HiRDB administrator uses the pdmod command to define the table. | Each user uses CREATE TABLE to define the table. |
| Deleting a table | Only the auditor can delete the table. Users with DBA privilege cannot delete the table. | Table owner deletes the table. Users with DBA privilege can also delete the table. |
| Modifying the table definition | Cannot be done. | Table owner can modify the table. |
| Granting access privileges to other users | Only the SELECT privilege can be granted. | SELECT, INSERT, UPDATE, and DELETE privileges can all be granted. |
| Loading data into a table | Can be executed only by the auditor. | Can be executed by the table owner. Can also be executed by other users who are granted access privilege. |
| Reorganizing a table | Can be executed only by the auditor. | Can be executed by users with DBA privilege. Can also be executed by other users who are granted access privilege. |
| Usage privilege to RDAREAs for storing the table | Only the auditor has the usage privilege. | Table owner has the usage privilege. Can also be used by other users who are granted the privilege. |
| Row-partitioning of a table | N | Y |
| Accessing a table: SELECT | Y | Y |
| Accessing a table: INSERT | N | Y |
| Accessing a table: UPDATE | N | Y |
| Accessing a table: DELETE | Can be performed only by the auditor. | Y |
| Accessing a table: PURGE | Can be performed only by the auditor. | Y |

Legend:
Y: Can be executed.
N: Cannot be executed.