What is the difference between the different auditing options in VigilEnt Audit Manager/VigilEnt Sec (NETIQKB30027)

  • 7730027
  • 02-Feb-2007
  • 08-Sep-2008

Resolution

goal
What is the difference between the different auditing options in VigilEnt Audit Manager/VigilEnt Security Agent for Oracle?

fact
VigilEnt Audit Manager for Oracle 3.2 SP1

fact
VigilEnt Audit Manager for Oracle 3.2 SP6

fact
VigilEnt Audit Manager for Oracle 4.0 SR2

fact
VigilEnt Audit Manager for Oracle 4.0 SP3

fact
VigilEnt Security Agent for Oracle 1.0

fact
VigilEnt Security Agent for Oracle 1.0 SR1

fact
VigilEnt Security Agent for Oracle 1.0 SR2

fact
VigilEnt Security Agent for Oracle 1.0 SP3

fact
VigilEnt Security Agent for Oracle 1.0 SP4

fix
There are three types of auditing that can be configured from the Audit Options menu.

  • Object
  • Statement/Privilege
  • User Defined

Both Object and Statement/Privilege auditing will record events that go into the native Oracle audit trail. These records will specify the ?who,? ?what,? and ?when? of the events involving objects or privileges. For example, auditing of the Create Session privilege will show successful and/or unsuccessful logins for a specific user in the native audit trail.

User Defined auditing records event information into tables owned by the VigilEnt Audit Manager for Oracle schema owner, SQLCQR. The configuration of user-defined audits can be broad or specific in nature with the use of condition clauses in the audit definition. These audits provide all of the information of native Oracle auditing as well as the old and new values of any specified column within an audited table. User-defined alerting is another option that can be set to send e-mail notifications as the audited events occur.

For example, a user-defined audit can be set up to record update events as they occur to the wages column of a company's salary table. The audit definition can configured to ?fire? on an update from a specific person, or if the value has been increased by more than a specified percentage, and a corresponding alert e-mail can be configured to go to an administrator.

Additional Information

Formerly known as NETIQKB30027