dbWatch AS

Auditing

DbWatch supports auditing of all statements that are executed on the database instances from dbWatch.

There is currently no graphical way of turning this feature on, so it involves manually editing the server_configuration.xml file.

Stop the dbWatch Server and take a backup of this file before editing it.

Add the following tag to the file:


<audit-settings>
   <audit-setting>
       <audit-catalog>E:/dbWatch/dbw-audit</audit-catalog>
       <file-switch-interval-minutes>360</file-switch-interval-minutes>
       <audit-level>2</audit-level>
       <file-keep-for-days>7</file-keep-for-days>
   </audit-setting>
</audit-settings>
  • audit-catalog The catalog where dbWatch will place the audit files. dbWatch will create a file called audit.log in this catalog. The catalog used must be created already, and be read/writeable by the user that runs the dbWatch Service.
  • file-switch-interval-minutes How many minutes should pass before switching log files. When switching files, dbWatch creates a zip file of the log and names it with a timestamp. Then a new audit.log file is created and used.
  • file-keep-for-days Zip files that are older than this will be deleted. A value of 0, means it will not delete any files.
  • audit-level 0=no logging, 1 = log statements triggered by user actions, 2 = log all statements

Example log entry:


Entry [Feb 16, 2023 11:53:01 AM][pcu][10.0.1.112/1521][sys as sysdba]
SELECT 1 FROM DUAL

From this entry we can see the time, dbWatch user, the ip and port of the database we connect to, and the database credentials used, as well as the statement.

← Disclaimer / Control Center Commandline →

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment