3.5 Notes
-
To enable the audit trail facility, all the following conditions must be met. If the conditions are not met, the adbaudittrail command results in an error.
-
An existing directory is specified for the adb_audit_log_path operand in the server definition.
-
Read, write, and execution privileges are set so that the HADB administrator can access the directory specified for the adb_audit_log_path operand in the server definition.
-
The number of audit trail files stored under the directory specified for the adb_audit_log_path operand in the server definition is equal to or smaller than the value specified for the adb_audit_log_max_num operand in the server definition.
-
-
If you enable the audit trail facility, the output of audit trail starts from the SQL statement and command that started after normal termination of the adbaudittrail command. No audit trails are output for SQL statements and commands that were being executed when the adbaudittrail command terminated normally.
-
If you disable the audit trail facility, no audit trails are output for SQL statements and commands that were being executed when the adbaudittrail command terminated normally. Also note that audit trails will not be output for SQL statements and commands that are executed subsequently.
-
Only one adbaudittrail command can be executed at a time. If you execute multiple adbaudittrail commands at the same time, an error occurs.
-
If the multi-node function is being used, the node on which the adbaudittrail command can be executed differs depending on the specified option. The following table shows the correspondences between the options to specify and the nodes on which the adbaudittrail command can be executed.
Table 3‒3: Correspondences between the options to specify and the nodes on which the adbaudittrail command can be executed No.
Option to specify
Node on which the command can be executed
1
--start
Master node
2
--stop
Master node
3
--swap#1
Master node or slave node
4
--swap -n node-number
Master node
5
-d#2
Master node or slave node
6
-d -n node-number
Master node
- #1
-
On the node on which the command is executed, the audit trail file that contains the audit trails to be output is swapped.
- #2
-
Information related to the audit trail facility of the node on which the command is executed is output.
When the audit trail facility is being enabled, the adbaudittrail command results in an error if the audit trail facility cannot be enabled on at least one node. This also applies when the audit trail facility is being disabled.
-
To use the multi-node function, the node number -n must meet all the following conditions. If the conditions are not met, the adbaudittrail command results in an error.
-
The node number is equal to or smaller than the number of nodes containing HADB servers in a multi-node configuration.
-
The HADB server with the specified node number is running.
-
-
Once enabled, the audit trail facility remains in effect until it is disabled by using the adbaudittrail command. If the HADB server is terminated with the audit trail facility enabled, the audit trail facility will remain in effect the next time the HADB server is started. The specification of the --write-error option (that is, the processing method if audit trails can no longer written to the audit trail file) is also inherited.
- Note
-
For the following server definitions related to the audit trail facility, the specified values existing when the HADB server is started are applied (the specified values that existed when the HADB server previously terminated are not inherited):
-
adb_audit_log_path operand (audit trail directory)
-
adb_audit_log_max_size operand (maximum size of an audit trail file)
-
adb_audit_log_max_num operand (maximum number of audit trail file generations)
-