troubleshooting Question
Scripts / commands to detect failed DB login attempts and querying of unusual large amount of data
Without DB Activity Monitoring in place, we would like daily job/script
(Windows Scheduled Task for MS SQL and Unix cron for Oracle) to
detect if the following took place :
a) failed login attempts to a DB (even a single failed attempt)
b) unusual high amount of data being queried (say 10 times more
than last 30 days' average; if this is not possible, then 15MB of
data)
Q1:
Can provide the specific commands (SQL or OS) for both DB types
above for Windows & UNIX (Solaris & RHEL)?
Q2:
For item a above, which file in MS SQL & Oracle DB contain that info?
As the scripts run once/day, Ideally the script covers the last 24hrs
events/logs so that in the next run
(Windows Scheduled Task for MS SQL and Unix cron for Oracle) to
detect if the following took place :
a) failed login attempts to a DB (even a single failed attempt)
b) unusual high amount of data being queried (say 10 times more
than last 30 days' average; if this is not possible, then 15MB of
data)
Q1:
Can provide the specific commands (SQL or OS) for both DB types
above for Windows & UNIX (Solaris & RHEL)?
Q2:
For item a above, which file in MS SQL & Oracle DB contain that info?
As the scripts run once/day, Ideally the script covers the last 24hrs
events/logs so that in the next run
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 6 Answers and 12 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.