You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Audit and Accountability are important for some users where there is a need to monitor access and/or modification of data. It is understood that the current Firebird implementation does allow the creation of triggers that can monitor and record various events in a user database or even a security database. However, there are many security related events that cannot be logged using triggers and which may, nevertheless, be important to some users.
These events include:
Failed Login attempts
Database Creation and Deletion
Database Encryption/Decryption
Operations performed through the Services API.
Creation/Deletion of metadata objects
Activation/Deactivation of metadata objects where applicable.
It is proposed that Firebird should be enhanced such that a logging mechanism is provided to permit such events to be logged and that the use of such a logging mechanism should be configurable on a global or per database basis.
The text was updated successfully, but these errors were encountered:
Audit and Trace services allows to log every item at the list above.
And Audit feature is specially designed for such needs.
There is some issues with logging of failed login attempts (due to changes in authentication in fb3), though.
DDL triggers allows to log most list items, i believe, namely:
- Database Encryption/Decryption
- Creation/Deletion of metadata objects
- Activation/Deactivation of metadata objects where applicable.
Submitted by: Tony Whyman (twhyman)
Votes: 1
Audit and Accountability are important for some users where there is a need to monitor access and/or modification of data. It is understood that the current Firebird implementation does allow the creation of triggers that can monitor and record various events in a user database or even a security database. However, there are many security related events that cannot be logged using triggers and which may, nevertheless, be important to some users.
These events include:
Failed Login attempts
Database Creation and Deletion
Database Encryption/Decryption
Operations performed through the Services API.
Creation/Deletion of metadata objects
Activation/Deactivation of metadata objects where applicable.
It is proposed that Firebird should be enhanced such that a logging mechanism is provided to permit such events to be logged and that the use of such a logging mechanism should be configurable on a global or per database basis.
The text was updated successfully, but these errors were encountered: