CREATE AUDIT (Define the target audit event)
Function
Defines the target audit event to be recorded as an audit trail, and its target.
Privileges
Format
No. | Format |
---|---|
1 | CREATE AUDIT |
2 | FOR operation-type |
9 | [selection-option] |
3 | [WHENEVER {SUCCESSFUL|UNSUCCESSFUL|ANY}] |
Details about items
No. | Format |
---|---|
2 | operation-type::= {ANY |
9 | selection-option::=ON object-name |
9 | object-name::= {ALIAS authorization-identifier.table-alias |FOREIGN INDEX authorization-identifier.index-identifier |FOREIGN TABLE authorization-identifier.table-identifier |FUNCTION authorization-identifier.routine-identifier |INDEX authorization-identifier.index-identifier |LIST authorization-identifier.table-identifier |PROCEDURE authorization-identifier.routine-identifier |RDAREA RDAREA-name |SCHEMA authorization-identifier |SERVER foreign-server-definition-owner.foreign-server-name |TABLE [authorization-identifier.]table-identifier |TRIGGER authorization-identifier.trigger-identifier |TYPE authorization-identifier.data-type-identifier |USER MAPPING SERVER foreign-server-name |VIEW authorization-identifier.table-identifier} |
4 | session-type::= |
5 | privilege-operation-type::= |
6 | object-definition-event-type::= |
7 | object-operation-event-type::= |
8 | utility-event-type::= |
Operands
Table 3-10 Audit trail that is acquired based on the specification in WHENEVER
WHENEVER specification | When PRIVILEGE or ANY is specified in AUDITTYPE | When EVENT or ANY is specified in AUDITTYPE |
---|---|---|
SUCCESSFUL | Audit trail during a privilege check is collected only when the privilege check is successful. | Audit trail of the final result of an audit event is collected only when the audit event is successful. |
UNSUCCESSFUL | Audit trail during a privilege check is collected only when the privilege check is unsuccessful. | Audit trail of the final result of an audit event is collected only when the audit event is unsuccessful. |
ANY | Audit trail during a privilege check is collected regardless of whether or not the privilege check is successful. | Audit trail of the final result of an audit event is collected regardless of whether or not the audit event is successful. |
Table 3-11 Session types and operations generated by the associated audit events
Session type | Operation generated by privilege check audit event (PRIVILEGE specified in AUDITTYPE) | Operation generated by audit event acquiring audit trail on final results of an event (EVENT specified in AUDITTYPE) |
---|---|---|
CONNECT | Connection to HiRDB | Same as indicated at left |
AUTHORIZATION | Execution of SET SESSION AUTHORIZATION statement | Same as indicated at left |
Table 3-12 Privilege operation types and operations generated by the associated audit events
Privilege operation type | Operation generated by privilege check audit event (PRIVILEGE specified in AUDITTYPE) | Operation generated by audit event acquiring audit trail on final results of an event (EVENT specified in AUDITTYPE) |
---|---|---|
GRANT | Execution of GRANT | Same as indicated at left |
REVOKE | Execution of REVOKE | Same as indicated at left |
Table 3-13 Object definition event types and operations generated by the associated audit events
Object definition event type | Operation generated by privilege check audit event (PRIVILEGE specified in AUDITTYPE) | Operation generated by audit event acquiring audit trail on final results of an event (EVENT specified in AUDITTYPE) |
---|---|---|
CREATE | Execution of the following SQL statements:
| Same as indicated at left |
DROP | Execution of the following SQL statements:
| Same as indicated at left |
ALTER | Execution of the following SQL statements:
| Same as indicated at left |
Table 3-14 Object operation event types and operations generated by the associated audit events
Object operation event type | Operation generated by privilege check audit event (PRIVILEGE specified in AUDITTYPE) | Operation generated by audit event acquiring audit trail on final results of an event (EVENT specified in AUDITTYPE) |
---|---|---|
SELECT |
|
|
INSERT |
|
|
UPDATE |
|
|
DELETE |
|
|
PURGE |
|
|
CALL |
|
|
LOCK |
|
|
ASSIGN |
|
|
Table 3-15 Utility event types and operations generated by the associated audit events
Utility event type | Operation generated by privilege check audit event (PRIVILEGE specified in AUDITTYPE) | Operation generated by audit event acquiring audit trail on final results of an event (EVENT specified in AUDITTYPE) |
---|---|---|
PDLOAD | Execution of pdload | Same as indicated at left |
PDRORG | Execution of pdrorg | Same as indicated at left |
PDEXP | Execution of pdexp or pddefrev | Same as indicated at left |
PDCONSTCK | Execution of pdconstck | Same as indicated at left |
Rules
Notes
Table 3-16 Event type, event subtype, and specifiability of AUDITTYPE
Event type | Event subtype | AUDITTYPE specifiability: PRIVILEGE | AUDITTYPE specifiability: EVENT | AUDITTYPE specifiability: ANY |
---|---|---|---|---|
ANY |  | C* | Y | C* |
SESSION | Any subtype | Y | Y | Y* |
PRIVILEGE | Any subtype | Y | Y | Y* |
DEFINITION | Any subtype | Y | Y | Y* |
ACCESS | CALL | N | Y | C* |
ACCESS | ANY | C* | Y | C* |
ACCESS | Any subtype other than the above | Y | Y | Y |
UTILITY | Any subtype | Y | Y | Y |
Table 3-17 Event type, event subtype, and specifiability of object name (1/2)
Event type | Event subtype | ALIAS | FRGN INDEX | FRGN TABLE | FCTN | INDEX | LIST | PRCDR |
---|---|---|---|---|---|---|---|---|
ANY |  | C | C | C | C | C | C | C |
SESSION | All | N | N | N | N | N | N | N |
PRIVILEGE | GRANT | N | N | Y | N | N | N | N |
PRIVILEGE | REVOKE | N | N | Y | N | N | N | N |
PRIVILEGE | ANY | N | N | Y | N | N | N | N |
DEFINITION | CREATE | Y | Y | Y | Y | Y | N | Y |
DEFINITION | DROP | Y | Y | Y | Y | Y | N | Y |
DEFINITION | ALTER | N | N | Y | Y | Y | N | Y |
DEFINITION | ANY | C | C | Y | Y | Y | N | Y |
ACCESS | SELECT | Y | N | Y | N | N | Y | N |
ACCESS | INSERT | Y | N | Y | N | N | N | N |
ACCESS | UPDATE | Y | N | Y | N | N | N | N |
ACCESS | DELETE | Y | N | Y | N | N | N | N |
ACCESS | PURGE | Y | N | N | N | N | N | N |
ACCESS | ASSIGN | N | N | N | N | N | Y | N |
ACCESS | CALL | N | N | N | N | N | N | Y |
ACCESS | LOCK | Y | N | Y | N | N | N | N |
ACCESS | ANY | C | N | C | N | N | C | C |
UTILITY | PDLOAD | N | N | N | N | N | N | N |
UTILITY | PDRORG | N | N | N | N | N | N | N |
UTILITY | PDEXP | Y | N | N | N | N | N | Y |
UTILITY | PDCONSTCK | N | N | N | N | N | N | N |
UTILITY | ANY | C | N | N | N | N | N | C |
Table 3-18 Event type, event subtype, and specifiability of object name (2/2)
Event type | Event subtype | RD | SCHM | SVR | TBL | TRGR | TYP | USR MPG | VIEW |
---|---|---|---|---|---|---|---|---|---|
ANY |  | C | C | C | C | C | C | C | C |
SESSION | All | N | N | N | N | N | N | N | N |
PRIVILEGE | GRANT | N | N | N | Y | N | N | N | Y |
PRIVILEGE | REVOKE | N | N | N | Y | N | N | N | Y |
PRIVILEGE | ANY | N | N | N | Y | N | N | N | Y |
DEFINITION | CREATE | Y | Y | Y | Y | Y | Y | Y | Y |
DEFINITION | DROP | N | Y | Y | Y | Y | Y | Y | Y |
DEFINITION | ALTER | Y | N | N | Y | Y | N | N | Y |
DEFINITION | ANY | C | C | C | Y | Y | C | C | Y |
ACCESS | SELECT | N | N | N | Y | N | N | N | Y |
ACCESS | INSERT | N | N | N | Y | N | N | N | Y |
ACCESS | UPDATE | N | N | N | Y | N | N | N | Y |
ACCESS | DELETE | N | N | N | Y | N | N | N | Y |
ACCESS | PURGE | N | N | N | Y | N | N | N | N |
ACCESS | ASSIGN | N | N | N | Y | N | N | N | N |
ACCESS | CALL | N | N | N | N | N | N | N | N |
ACCESS | LOCK | N | N | N | Y | N | N | N | Y |
ACCESS | ANY | N | N | N | C | N | N | N | C |
UTILITY | PDLOAD | N | N | N | Y | N | N | N | N |
UTILITY | PDRORG | N | Y | N | Y | N | N | N | N |
UTILITY | PDEXP | N | N | N | Y | Y | N | N | Y |
UTILITY | PDCONSTCK | N | N | N | Y | N | N | N | N |
UTILITY | ANY | N | C | N | Y | C | N | N | C |
Examples
CREATE AUDIT FOR ANY WHENEVER ANY
CREATE AUDIT FOR SESSION CONNECT
CREATE AUDIT FOR PRIVILEGE GRANT
CREATE AUDIT FOR DEFINITION CREATE
CREATE AUDIT FOR ACCESS INSERT
CREATE AUDIT AUDITTYPE ANY FOR ANY
CREATE AUDIT AUDITTYPE EVENT FOR ANY
CREATE AUDIT AUDITTYPE EVENT FOR ANY ON TABLE "USER1"."T1"
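
A pre-deployment check for the ACCESS rows of Tables 3-16 and 3-18, added here as an example and not taken from the HiRDB manual: it parses CREATE AUDIT statements of the shape shown in the Examples and reports combinations the tables mark N or C, so an audit definition that would be rejected or only partly effective is caught before it is relied on. The reading of the cell codes (Y specifiable, N not specifiable, C conditional), the `lint` function and the `USER1.V1` view are assumptions; the asterisk footnotes are dropped because their text is not on this page.

```python
import re

# Cells copied from the ACCESS rows of Tables 3-16 and 3-18. Assumption: Y = specifiable,
# N = not specifiable, C = conditional (the page does not reproduce the legend).
EVENT_TYPES = {"ANY", "SESSION", "PRIVILEGE", "DEFINITION", "ACCESS", "UTILITY"}
SUBTYPES = ["SELECT", "INSERT", "UPDATE", "DELETE", "PURGE", "ASSIGN", "CALL", "LOCK", "ANY"]
AUDITTYPES, WHENEVER = ["PRIVILEGE", "EVENT", "ANY"], ["SUCCESSFUL", "UNSUCCESSFUL", "ANY"]
T3_16 = {"CALL": "NYC", "ANY": "CYC"}                # other ACCESS subtypes are "YYY"
T3_18 = {"TABLE": dict(zip(SUBTYPES, "YYYYYYNYC")),  # TBL column
         "VIEW": dict(zip(SUBTYPES, "YYYYNNNYC"))}   # VIEW column

# Statement shape as in the page's Examples; only single-word object kinds are parsed.
STMT = re.compile(
    r"^CREATE\s+AUDIT(?:\s+AUDITTYPE\s+(?P<atype>\w+))?\s+FOR\s+(?P<etype>\w+)"
    r"(?:\s+(?P<sub>(?!ON\b|WHENEVER\b)\w+))?(?:\s+ON\s+(?P<kind>\w+)\s+\S+)?"
    r"(?:\s+WHENEVER\s+(?P<when>\w+))?\s*$", re.IGNORECASE)

def lint(stmt):
    """Return findings for one CREATE AUDIT statement; an empty list means no objection."""
    m = STMT.match(stmt.strip())
    if not m:
        return ["not in the statement shape this sketch parses"]
    atype, etype, sub, kind, when = (
        (m[g] or "").upper() for g in ("atype", "etype", "sub", "kind", "when"))
    if etype not in EVENT_TYPES:
        return [f"unknown event type {etype}"]
    out = [f"unknown {name} value {val}"
           for name, val, ok in (("AUDITTYPE", atype, AUDITTYPES), ("WHENEVER", when, WHENEVER))
           if val and val not in ok]
    if etype != "ACCESS":
        return out                                   # other event types are not encoded here
    if sub not in SUBTYPES:
        return out + [f"unknown ACCESS subtype {sub or '(none)'}"]
    if atype in AUDITTYPES:
        cell = T3_16.get(sub, "YYY")[AUDITTYPES.index(atype)]
        if cell != "Y":
            out.append(f"{cell} in Table 3-16: AUDITTYPE {atype} with ACCESS {sub}")
    if kind:
        cell = T3_18.get(kind, {}).get(sub, "?")     # "?" = object kind not encoded here
        if cell != "Y":
            out.append(f"{cell} in Table 3-18: ACCESS {sub} ON {kind}")
    return out
# Constructed statements; USER1.V1 is a hypothetical view, ACCSESS a deliberate misspelling.
SAMPLES = [
    'CREATE AUDIT FOR ACCSESS INSERT',
    'CREATE AUDIT AUDITTYPE PRIVILEGE FOR ACCESS CALL ON TABLE "USER1"."T1" WHENEVER UNSUCCESSFUL',
    'CREATE AUDIT AUDITTYPE EVENT FOR ACCESS SELECT ON VIEW "USER1"."V1" WHENEVER ANY',
]
FINDINGS = {s: lint(s) for s in SAMPLES}
```

A misspelled event type or an N combination means the intended audit trail would not be defined as written, which is worth catching in review rather than discovering when the records are needed.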