IQ 16.0 SP08 - Login (failed/success) and logout audit
I need to track all login attempt, login success and logout events in my SAP IQ 16.0 SP08 engine.
The requirements is to collect these data and send them to an audit monitoring server.
I tried to use the "audit option", but the problem were:
1. Audit infos are written in transaction log files. I cannot access it (using dbtran) until the IQ engine is up. But in our PROD enivronment is not feasible any stop to extract that data. Do you have any suggestions? How can I use dbtran when IQ engine is running?
2. Audit infos are written in a very verbose format. Is it possible to specify a simpler format?
I tried: CALL sa_audit_string('DBA LOGIN AUDIT');
but what I want is something like:
#timestamp; user; action; result
2015-08-10 15:50:00,909; DBA; LOGIN; SUCCESSFULL
Do you have any suggestion about the above issues?
Saroj Bagai replied
I tested on windows, you can run dbtran against IQ server and it will translate transaction log
dbtran -g -c "uid=DBA;pwd=sql;eng=winiqdemo16" -nogui -n iqdemo.sql
and from docs:
Action auditing outside the database server
To provide auditing of actions, under Windows or Unix, any use of dbtran or dblog generates a text file in the same directory as the database file, with the extension .alg.
Some database utilities act on the database file directly. In a secure environment, only trusted users should have access to the database files.
To provide auditing of actions, under Windows or Unix, any use of dbtran or dblog generates a text file in the same directory as the database file, with the extension .alg. For example, for iqdemo.db, the file is called iqdemo.alg. Records containing the tool name, Windows or Unix user name, and date/time are appended to this file. Records are only added to the .alg file if the auditing option is set to On.
For audit format , you can create table in the database and insert auditing records in the auditing table and select in the desired format