When the security audit facility is enabled, audit trails are output automatically by the system for some events. For other events, the auditor can select whether audit trails are to be collected.
Event type |
Explanation and audited events |
Selectability |
System administrator security events |
- Security events performed by the HiRDB administrator or users with DBA privilege are audited.
- Modifications of the setting values of the connection security facility are audited.
- Security events performed automatically by the system are audited.
An audit trail is output when the following events occur:
- HiRDB startup (pdstart command)#1
- HiRDB termination (pdstop command)#1, #2
- Auditor registration (pdmod command)
- Audit trail table creation (pdmod command)
- Audit trail file deletion (pdaudrm command)#3
- Audit trail collection startup#5
- Audit trail collection termination#6
- Start of audit trail file overwriting
- Transition to consecutive certification failure account lock state
- Release of consecutive certification failure account lock state
  Applicable in the following cases:
  - During CONNECT after the account lock period has passed
  - During execution of DROP CONNECTION SECURITY
  - During execution of the pdacunlck command
- Transition to password-invalid account lock state
- Release of password-invalid account lock state
- Modification of a setting value of the connection security facility:
  - Permitted number of consecutive certification failures
  - Account lock period
  - Items to be set up for character string restrictions for passwords (including an advance check)
- Execution of the pdacnlck command
|
N (an audit trail is always output). |
Auditor security events |
These are audits of events performed by the auditor. An audit trail is output when the following events occur:
- Data loading into an audit trail table (pdload command)
- Swapping of audit trail files (pdaudswap command)
- Defining events to be audited (CREATE AUDIT)#4
- Deleting events to be audited (DROP AUDIT)#4
- Changing the auditor password (GRANT AUDIT)#4
- Outputting data to the audit log output file for JP1/NETM/Audit (pdaudput command)
|
N (an audit trail is always output). |
Session security events |
These are audits of user authentication by authorization identifier and password.
An audit trail is output when the following events occur:
- Connection to HiRDB (CONNECT statement)
- User change (SET SESSION AUTHORIZATION statement)
- Disconnection from HiRDB (DISCONNECT statement)#9
|
Y |
Privilege management events |
These are audits of addition or deletion of user privileges. An audit trail is output when the following events occur:
- User privilege addition (GRANT statement)
- User privilege deletion (REVOKE statement)
|
Y#7 |
Object definition events |
These are audits of object definitions, deletions, or modifications. An audit trail is output when the following events occur:
- Object definition; this applies to the following SQL statements:
  - CREATE FUNCTION
  - CREATE INDEX
  - CREATE PROCEDURE
  - CREATE PUBLIC VIEW
  - CREATE SCHEMA
  - CREATE SEQUENCE
  - CREATE TABLE
  - CREATE TRIGGER
  - CREATE TYPE
  - CREATE VIEW
- Object deletion; this applies to the following SQL statements:
  - DROP DATA TYPE
  - DROP FUNCTION
  - DROP INDEX
  - DROP PROCEDURE
  - DROP PUBLIC VIEW
  - DROP SCHEMA
  - DROP SEQUENCE
  - DROP TABLE
  - DROP TRIGGER
  - DROP VIEW
- Object modification; this applies to the following SQL statements:
  - ALLOCATE MEMORY TABLE
  - ALTER INDEX
  - ALTER PROCEDURE
  - ALTER ROUTINE
  - ALTER TABLE
  - ALTER TRIGGER
  - COMMENT
  - DEALLOCATE MEMORY TABLE
|
Y#7 |
Object manipulation events |
These are audits of object manipulations. An audit trail is output when the following events occur:
- Table reference (SELECT statement)
- Table row insertion (INSERT statement)
- Table row update (UPDATE statement)
- Table row deletion (DELETE statement)
- Deletion of all rows in a table (PURGE TABLE statement)
- Stored procedure execution (CALL statement)
- Table lock control (LOCK TABLE statement)
- List creation (ASSIGN LIST statement)
- Returning of a value generated by a sequence generator (NEXT VALUE expression)
|
Y#7 |
Utility operation event |
Security events related to object operations performed by a utility or command are audited. An audit trail is output when any of the following is executed:
- Database load utility (pdload command)
  Target objects: TABLE and SEQUENCE
- pddefrev command
  Target objects: PROCEDURE, TABLE, TRIGGER, and VIEW
- Database reorganization utility (pdrorg command)
  Target object: TABLE
- Dictionary import/export utility (pdexp command)
  Target objects: PROCEDURE, TABLE, TRIGGER, and VIEW
- Integrity check utility (pdconstck command)
  Target object: TABLE
|
Y#7, #8 |