Grid Control is a great tool to manage multiple databases in large corporates
and I have been recommending it internally in Telstra in Australia, and to large
Oracle clients in India and South East Asia.

Some clients require to fully capture all actions performed in the Grid
Control console browser window. This is because currently at the unix level
they login as the specific user and then sudo to oracle, at the same time a
piece of unix software in the background captures all of their actions.
They want to do the same in Windows.

There curently exists an Auditing system for Enterprise Manager as explained in Chapter 4.5 of the Enterprise Manager Advanced Configuration 10g Release 2 (10.2) guide (B16242-01) but this auditing is only for the purpose of creating new users/jobs in Grid Control and will not audit browser actions, including point and click actions by DBAS on target databases.

Even if Grid Control keeps a small log of what the console login is doing, that should be ok. I have heard this security concern voiced by a number of Dbas in the past few years, they are wary of what a junior Dba would be able to do using the point and click.This is why they are loathe to move to Grid Control. So auditing their point and clicks would go some way in allaying their fears.

Until Grid Control itself keeps a log, is there any suggestion from anyone
as to what can be done to audit browser actions in conjunction with the use of Grid Control?

 out of  found this valuable. Do you find this valuable?    

• Post reply