Nonstop Database, HiRDB Version 9 System Operation Guide
24.4.3 Auditor registration, creation of the RDAREA to store the audit trail table, and creation of the audit trail table
Register the auditor with the pdmod command's create auditor statement. The auditor can perform the following operations:
- Data load the audit trail table
- Swap audit trail files
- Retrieve or delete the audit trail table
- Notes
- Legend:
- Yes: This privilege can be held.
- No: This privilege cannot be held.
Estimate the size of the RDAREA where the audit trail table will be stored, and then create it.
(a) Estimating the size of the RDAREA to store the audit trail table
When estimating the size of the RDAREA to store the audit trail table, consider the points listed below. For details about estimating an RDAREA size, see the HiRDB Version 9 Installation and Design Guide.
- Audit trail table line length and the page size of the RDAREA to store the audit trail table
Determine the page size of the RDAREA to store the audit trail table based on the audit trail table line length. Use the following formula to estimate the audit trail table line length:
audit-trail-table-line-length = 1,296 + pd_aud_sql_source_size-value + pd_aud_sql_data_size-value (bytes)
When you acquire an SQL statement or SQL data, determine whether to branch their binary data before storing it in RDAREAs based on the audit trail operation method. For example, if the SQL statement or SQL data is not being used as the search target of an audit trail, branching their data before storing it in RDAREAs might improve performance.
When you branch both the SQL statement and SQL data before storing them in RDAREAs, the audit trail table line length is 1,320 bytes.
For details about how to determine a page size, see the HiRDB Version 9 Installation and Design Guide.
- Number of records to be stored in an audit trail table
First, determine the events for which audit trails are to be acquired. For details about the events for which audit trails can be acquired, see 24.1.7 Audited events. For details about the audit trail table items that are recorded for each event, see 24.13 Audit trail record items (during privilege checking) and 24.14 Audit trail record items (at event termination).
Next, based on the frequency of the events for which audit trails are to be acquired and the number of records for each event#, compute the number of audit trail records that will be recorded per day. Then, using the following formula, compute the number of lines to be stored in the audit trail table:
number-of-lines-to-be-stored-in-audit-trail-table = number-of-audit-trail-records-to-be-recorded-per-day x number-of-days-to-save-data
#: For details about the number of records of each event, see the Record count column in Table 24.13 Audit trail record items (during privilege checking) and Table 24.14 Audit trail record items (at event termination).
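The two formulas above, worked through as an added example (not part of the HiRDB manual). The event names, daily frequencies, per-event record counts and operand values in the sample are constructed; take real record counts from the Record count column of the referenced tables.

```python
BASE_LINE_LENGTH = 1296      # fixed part of the line-length formula (bytes)
BRANCHED_LINE_LENGTH = 1320  # line length when SQL statement and SQL data are both branched


def line_length(sql_source_size, sql_data_size, branch_both=False):
    """Audit trail table line length in bytes.

    sql_source_size and sql_data_size are the pd_aud_sql_source_size and
    pd_aud_sql_data_size values used in the formula.
    """
    if sql_source_size < 0 or sql_data_size < 0:
        raise ValueError("operand values must not be negative")
    if branch_both:
        return BRANCHED_LINE_LENGTH
    return BASE_LINE_LENGTH + sql_source_size + sql_data_size


def records_per_day(event_mix):
    """Sum of (events per day x records per event) over all audited events."""
    total = 0
    for name, (events, records_each) in event_mix.items():
        if events < 0 or records_each < 0:
            raise ValueError(f"negative estimate for {name!r}")
        total += events * records_each
    return total


def estimate(event_mix, retention_days, sql_source_size, sql_data_size,
             branch_both=False):
    """Return line length, records per day, stored lines and raw line bytes.

    raw_bytes is lines x line length only. It is an input to the RDAREA
    size estimate, not the RDAREA size itself.
    """
    per_day = records_per_day(event_mix)
    lines = per_day * retention_days
    length = line_length(sql_source_size, sql_data_size, branch_both)
    return {"line_length": length, "records_per_day": per_day,
            "lines": lines, "raw_bytes": lines * length}


# Constructed sample: event label -> (events per day, records per event)
SAMPLE_MIX = {
    "session start": (2000, 1),
    "table access": (50000, 2),
    "definition change": (40, 3),
}

if __name__ == "__main__":
    print(estimate(SAMPLE_MIX, 90, 2000, 500))
    print(estimate(SAMPLE_MIX, 90, 2000, 500, branch_both=True))
```

Comparing the two results shows how much of the stored volume comes from keeping SQL statements and SQL data inline, which is the trade-off the branching decision turns on.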
(b) Creating an RDAREA
Use the create rdarea statement of the pdmod command to create the RDAREA to store the audit trail table. Note the following points when creating an RDAREA:
- We recommend that you create the RDAREA to store the audit trail table in a HiRDB file system area that is different from the one used for audit trail files.
If you create the RDAREA to store the audit trail table in the HiRDB file system area used for audit trail files, a space shortage might occur for audit trail files during HiRDB operation.
- Make the RDAREA type a user RDAREA.
- Grant the RDAREA usage privilege only to the auditor. Do not make it a shared RDAREA, and do not grant the usage privilege for it to other users. Specify the RDAREA usage privilege with the for user used by operand of the create rdarea statement.
- Allocate global buffers to the added RDAREA.
- The audit trail table can be stored in an existing RDAREA, but the audit trail table cannot be stored in a shared RDAREA or in an RDAREA to which users other than the auditor have usage privileges. In such a case, change the RDAREA usage privilege so that only the auditor has it.
- Before re-creating or modifying the RDAREA that stores the audit trail table, the auditor must delete the audit trail table.
Create the audit trail table with the pdmod command's create audit table statement. The following should be considered when creating the audit trail table:
- Only one audit trail table can be created.
- The audit trail table can be deleted and redefined. To delete the audit trail table, the auditor executes the DROP TABLE statement. Users other than the auditor cannot delete the audit trail table. To re-create the audit trail table after it has been deleted, the HiRDB administrator executes the pdmod command's create audit table statement.
- Indexes can be defined for the audit trail table. However, since there is no column that guarantees data uniqueness, do not define an index for which UNIQUE is specified. For details about the column structure of the audit trail table, see Table 24-20 Audit trail table columns.
- The audit trail table cannot be row partitioned.
- The table definition of the audit trail table cannot be modified.
All Rights Reserved. Copyright (C) 2011, 2015, Hitachi, Ltd.