2.18.3 Operations that trigger audit trail output (audit target events)

An operation for which an audit trail is output is called an audit target event. There are two types of audit target event: mandatory audit events and optional audit events. An audit trail is always output for mandatory audit events if the audit trail facility is enabled. For optional audit events, the auditor can select whether an audit trail is output.

The following are examples of operations that constitute audit target events. An audit trail is output at the completion of these audit target events.

• Examples of mandatory audit events

  • Using the adbstart command to start the HADB server

  • Using the adbmodarea command to add or modify a DB area

  • Using a GRANT statement to grant audit privileges

  • Using the adbaudittrail command to disable the audit trail facility

  • Using the ADB_AUDITREAD function to reference an audit trail

• Examples of optional audit events

  • Connecting to the HADB server

  • Using a CREATE TABLE statement to define a table

  • Using a SELECT statement to retrieve data from a table

  • Using an UPDATE statement to modify rows

  • Using the adbimport command to import data

For details about the operations that constitute audit target events, see 12.9.1 List of audit target events and output items.

Important

If multiple schema objects are the target of an audit target event, an audit trail is output for each schema object.

Example:

SELECT * FROM "T1","T2"

Explanation

When the preceding SELECT statement is executed, an audit trail is output in relation to table T1 and another is output in relation to table T2.

In this manner, an audit trail is output for each schema object targeted by the audit target event. If the output of audit trails is triggered as a mandatory audit event and an optional audit event, an extremely large number of audit trails might be output. A large number of audit trails might also impact the effectiveness with which the auditor can perform his or her tasks. For this reason, you must have the objectives of the auditing process clearly in mind when selecting whether to output audit trails for optional audit events. If you decide to output audit trails for optional audit events, you define the audit targets by using the CREATE AUDIT statement.

Note

• If an audit target event applies to just one schema object or there is no schema object targeted by the event, only one audit trail is output.

• An error caused by an incorrectly specified command does not trigger output of an audit trail.

To Page Top