The audit trail record items during privilege checking are described below.

The record items for User identifier through Object type are described in Part 1, and the record items beginning with Privileges assigned/deleted/modified are described in Part 2.

For details about the event types and subtypes, see Table 24-21 Event types and subtypes. For details about the privileges that were used, see USED_PRIVILEGE in Table 24-20 Audit trail table columns.

Audit trail record items during privilege checking (part 1)

Audit trail record items during privilege checking (part 2)

Legend:

Y: Information is collected.

S: Information is collected sometimes via the XA interface.

--: Information is not collected; or, not applicable.

ACS: Number of privileges specified (4 if all is specified).

ATB: Number of audit trail tables created with the pdmod command (1 if audit trail tables were created; 0 if audit trail tables were not created).

AUD: Number of auditors created with the pdmod command (1 if auditors were created; 0 if auditors were not created).

CLS: 1 if FOR CLUSTER KEY clause is specified; 0 if it is not specified.

FNC: Number of functions to be re-created.

IDX: Number of related indexes.

PRC: Number of procedures to be re-created.

PRM: 1 if FOR PRIMARY KEY clause is specified; 0 if it is not specified.

RDA: Number of RDAREAs specified.

RLB: Number of RDAREAs for LOB data.

RID: Number of index RDAREAs.

SEQ: Number of sequence generators used.

TBL: Number of tables specified by a SELECT statement, SELECT clause, or LOCK statement, or the number of tables to be processed by a utility.

TRG: Number of triggers to be re-created.

USR: Number of specified users or groups.

VIW: Number of target view tables.

#1

When the SQL type is SELECT, INSERT, UPDATE, or DELETE, usage privilege is also checked during pre-processing by a PREPARE statement and an audit trail is collected. As a result, the number of output records is doubled. The timing for usage privilege checking is described below. The underlined SQL statements check usage privilege and collect an audit trail.

When the SQL type is SELECT

When preprocessing by a PREPARE statement is not performed

  EXEC SQL DECLARE C1 CURSOR FOR SELECT * FROM T1;
  EXEC SQL OPEN C1;
 

When preprocessing by a PREPARE statement is performed

  EXEC SQL PREPARE S1 FROM 'SELECT * FROM T1';
  EXEC SQL DECLARE C1 CURSOR FOR S1;
  EXEC SQL OPEN C1;
 

When the SQL type is INSERT (same for UPDATE and DELETE)

When preprocessing by a PREPARE statement is not performed

  EXEC SQL INSERT INTO T1(C1) VALUES(1);
 

When preprocessing by a PREPARE statement is performed

  EXEC SQL PREPARE S1 FROM 'INSERT
                      INTO T1(C1) VALUES(?)';
  EXEC SQL EXECUTE S1 FOR:data;

#2

Applies to cases in which a table is not or cannot be recognized as an audit trail table.

#3

When the target object is a public view table, public function, or public procedure, PUBLIC is output as the object owner.

#4

When a base table is a view table or public view table, the record count is increased for each real table that is used as the base table.

#5

Not output when HiRDB executes the pdload command by applying the facility for automatically loading audit trail table data.

#6

For details about the audit trail when an XDS client is being used, see Notes on using the security audit facility in the HiRDB Version 9 Memory DB Configuration and User's Guide.