on 04-19-2016 3:00 AM
Dear all,
I want to keep logon and logoff actions of users in HANA DB 1.0 Rev 10.2 security audit log, both successful and unsuccessful attempts.
According to SAP_HANA_Security_Guide_en.pdf, I defined a new audit policy.
CREATE AUDIT POLICY xxxxxx AUDITING ALL CONNECT,DISCONNECT SESSION LEVEL info
The outcome was a little bit different from my expectation.
CONNECT is ok, all of actions are successfully logged even unsuccessful attenpts as well.
But DISCONNECT SESSION, for example 'exit' or '/q' command in hdbsql, is not logged at all.
Kindly give your advice, how can I make it on my HANA DB?
with kind regards,
Naoto Mochizuki
Hi Naoto,
DISCONNECT SESSION action logs when someone disconnects a session using following SQL either from hdbsql or studio.
ALTER SYSTEM DISCONNECT SESSION '<CONNECTION ID>' ;
It logs the client IP and application user name. Its useful when one critical session gets disconnected and someone needs to find out who disconnected the session. I don't think any of the audit policy records time of log off from studio.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Chinmaya,
Thank you.
But most of cases users don't use ALTER SYSTEM statement when they finish their sessions.
They usually finish sessions by 'Exit' or /q.
If HANA audit log doesn't catch such such closure operations, I think the audit log functionality is weak because major part of session closure is not logged.....
Regards,
Naoto
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.