3.4.1 Specification format and rules for the CREATE AUDIT statement
The CREATE AUDIT statement defines audit targets.
- Important
-
You can execute the CREATE AUDIT statement when the audit trail facility is enabled. To check whether the audit trail facility is enabled, execute the adbaudittrail -d command.
- Organization of this subsection
(1) Specification format
CREATE-AUDIT-statement::=CREATE AUDIT AUDITTYPE EVENT FOR ANY OPERATION
(2) Explanation of specification format
- ● AUDITTYPE EVENT
-
Specify this if you want to output an audit trail of the final event results.
- ● FOR ANY OPERATION
-
Specify this if the audit-target event is in the following table.
Table 3‒3: Audit-target events Event type
Audit-target event
Session management event
Execution of CONNECT (connection to an HADB server)
Execution of DISCONNECT (disconnection from an HADB server)
Privilege management event
Executions of the following SQL statements:
-
GRANT statement
-
REVOKE statement
-
CREATE USER statement
-
DROP USER statement
-
ALTER USER statement
Definition SQL event
Executions of the following definition SQL statements:
-
ALTER TABLE statement
-
ALTER VIEW statement
-
CREATE AUDIT statement
-
CREATE INDEX statement
-
CREATE SCHEMA statement
-
CREATE TABLE statement
-
CREATE VIEW statement
-
DROP AUDIT statement
-
DROP INDEX statement
-
DROP SCHEMA statement
-
DROP TABLE statement
-
DROP VIEW statement
Data manipulation SQL event
Executions of the following data manipulation SQL statements:
-
SELECT statement
-
INSERT statement
-
UPDATE statement
-
DELETE statement
-
TRUNCATE TABLE statement
-
PURGE CHUNK statement
Command operation event
Executions of the following commands:
-
adbimport command
-
adbexport command
-
adbidxrebuild command
-
adbgetcst command
-
adbdbstatus command
-
adbmergechunk command
-
adbchgchunkcomment command
-
adbchgchunkstatus command
-
adbarchivechunk command
-
adbunarchivechunk command
-
adbreorgsystemdata command
-
adbsyndict command
-
(3) Privileges required at execution
To execute the CREATE AUDIT statement, the CONNECT privilege and the audit admin privilege are required.
(4) Rules
-
You cannot define multiple instances of the same audit target.
-
An HADB server checks the audit target definition during the determination processing for outputting an audit trail. Therefore, depending on the audit trail output time, an audit trail about operations that were performed before the audit targets are defined might be output although those operations are not to be audited.
(5) Examples
- Example
-
The events listed in Table 3‒3: Audit-target events are defined as audit targets.
CREATE AUDIT AUDITTYPE EVENT FOR ANY OPERATION