SoftTree Technologies SoftTree Technologies
Technical Support Forums
RegisterSearchFAQMemberlistUsergroupsLog in
DB Audit - slow performance with audit SESSION priv ?

 
Reply to topic    SoftTree Technologies Forum Index » DB Audit, DB Mail, DB Tools View previous topic
View next topic
DB Audit - slow performance with audit SESSION priv ?
Author Message
pvviet



Joined: 20 Dec 2007
Posts: 4
Country: Viet Nam

Post DB Audit - slow performance with audit SESSION priv ? Reply with quote
Hello DbAudit,

I'm evaluating DbAudit for a Hybrid Database system with the following characters:
- Many processes load data from text file into database every 5 minutes
- End-users select data for their daily business

DbAudit only suport auditing CREATE SESSION privilege by database USER, not by APPLICATION ?

I wonder how can I exclude auditing CREATE SESSION for the loading application, so it will reduce the storage cost & improve much performance.

This is our biggest issue when using DbAudit.

Regards.
Thu Dec 20, 2007 10:57 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7833

Post Reply with quote
What do you mean by "Hybrid Database system?" What kind of database is that?
Thu Dec 20, 2007 11:06 pm View user's profile Send private message
pvviet



Joined: 20 Dec 2007
Posts: 4
Country: Viet Nam

Post Reply with quote
Hi,

i'm working in Telecom market, "Hybrid database system" is a call detail database, has data flow like this:

- Many processes load data from text file into database each minute daily, then make some computing on data.
- End-users view data (call details by subscriber)

So i dont want to to audit LOGON/LOGOFF events of the loading application, but DbAudit seem not support at this time.

I think DbAudit should support auditing LOGON/LOGOFF events by TRIGGER.

Tell me if still not clear.

Regards.
Fri Dec 21, 2007 2:44 am View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7833

Post Reply with quote
It doesn't matter what it is used for. Is that Oracle, SQL Server, Sybase, DB2 or MySQL database? Which version? Which platform?
Fri Dec 21, 2007 8:24 am View user's profile Send private message
pvviet



Joined: 20 Dec 2007
Posts: 4
Country: Viet Nam

Post Reply with quote
Hi,

The Oracle version is 9.2.0 running on Sun solaris 9.

Regards.
Fri Dec 21, 2007 12:03 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7833

Post Reply with quote
Ok, we can start digging into this.

Are you talking about auditing of granting CREATE SESSION privilege or auditing of sessions?

If you mean the privilege, the privilege is always granted to a user, not an application.

If you are talking about auditing sessions, then sessions are established by applications in a specific user context. Yet, the application name is not always available to Oracle, and even if known, the name is known only after the session is established and therefore this value cannot be used as an audit filter, as you are going to miss all failed sessions.

If you decide to use of system-level triggers, you should be aware that this feature is not supported in all Oracle versions, and where it is supported, it can be used for successful sessions only, such triggers cannot capture failed sessions.

The native auditing method used by DB Audit is extremely efficient. If configured properly, the impact of the auditing should not be visible.


Now, the topic of this message is "slow performance with audit SESSION priv" At the moment I simple don't believe your statement that the performance is affected by the auditing of SESSIONS, assuming that you are auditing sessions only.

Please ensure the database server is properly setup, and there are no global server scope problems with the space, redo logs or other global problems. Especially ensure that Oracle is setup correctly and given sufficient amount of memory to perform smoothly. Use Tuning Advisor in the Oracle Enterprise Manager or other available tools to check Oracle performance. You can try, for example, the DB Tuning Expert utility which is part of our DB Tools for Oracle package.

Secondary, if you are interested in auditing of sessions only, ensure you are auditing sessions and not just every little move happening in the database. Even if your database hit with hundreds or thousands of new sessions per second, if the database is properly setup and has sufficient system resources, the auditing of sessions is not going to have much impact on the performance of the server.


Please let us know what you find out
Fri Dec 21, 2007 12:38 pm View user's profile Send private message
pvviet



Joined: 20 Dec 2007
Posts: 4
Country: Viet Nam

Post Reply with quote
Hi,

As you said, if we can ensure our performance & properly config, we can use DbAudit effectively. Agree this with you, but performance is another big solution.

Anyway I think DbAudit will more interesting if DbAudit can support auditing SESSION priv by TRIGGER & also support FGA in the new versions.

it's very interesting if you can list some new features in new DbAudit version, and the time for new realease.

Merry XMas & Prosperous new years.

Thanks.
Fri Dec 21, 2007 10:40 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7833

Post Reply with quote
I'm sorry I cannot list all planned features for competitive reasons. I'm sure you understand me. I can only state that the list of new features and enhancements targeted in for 2008 is several pages long and using Oracle database-scope triggers and FDA is not on the list at the moment.

Also please keep in mind that DB Audit is a multi-database cross-platform auditing solution, implementing new functionality that is specific to a particular database type is not likely going to make it on the list. While we are using different internal implementations for different types of databases, we are trying to cover common auditing requirements that are applicable to different database types and the functionality can be presented in a unified way, so that security officers (and other personnel) don't need to learn a lot about each database internals.
Wed Dec 26, 2007 11:48 am View user's profile Send private message
Display posts from previous:    
Reply to topic    SoftTree Technologies Forum Index » DB Audit, DB Mail, DB Tools All times are GMT - 4 Hours
Page 1 of 1

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


 

 

Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.