Auditing DB activity based specific pre-fixed use...

Former Member · ‎09-10-2014

Hi Team,

I am working on HANA auditing topic now ,

We have a requirement to track user activities only if they are name with a prefix .
For Example LOCAL_ABC and LOCAL_A1F both of this user should be captured in the policy .
Something similar like below

CREATE USER LOCAL_FRED PASSWORD Initial_1;

CREATE USER LOCAL_FREDY PASSWORD Initial_1;

CREATE SCHEMA MY_SCHEMA OWNED BY system;

CREATE TABLE MY_SCHEMA.MY_TABLE (first_col int);

GRANT INSERT ON MY_SCHEMA.MY_TABLE to LOCAL_JOHN;

GRANT INSERT ON MY_SCHEMA.MY_TABLE to LOCAL_JOSE;

CREATE AUDIT POLICY OBJECT_AUDIT AUDITING SUCCESSFUL INSERT ON MY_SCHEMA.MY_TABLE FOR LOCAL* LEVEL INFO

Is there a possibility to do this , Like tracking a group of users .

Thanks,

Razal

lbreddemann · ‎09-10-2014

Hi Razal,

currently (SPS8) any audit policy can either be

applied to a set of explicitly listed user accounts or
applied to every user EXCEPT for the set of explicitly listed user accounts

There is no pattern matching possible for the user name and it's not possible to use e.g. roles to identify when a policy should match.

So as of now you will have to either include every LOCAL* user manually after it is created or to simply exclude the users you definitively don't want in the audit log (like the _SYS_* users... ).

- Lars

Auditing DB activity based specific pre-fixed user .

Accepted Solutions (0)

Answers (1)

Answers (1)

[BIG PROBLEM] SAP Host Agent cannot connect to SYS...

What is the right SAP MARA field to map with CPI L...

SKU for Additional Storage

Re: IAS as proxy

Re: cloud connector