Table of Contents
Oracle NoSQL Database monitors and records security sensitive activities. These log messages are
available through the SN-local log files and the store-wide logging view. High risky
security activities are also visible by using the show events
command.
For ease of grepping and analysis, the auditing log message uses
KVAuditInfo as a prefix. For example:
# General audit logging: <Timestamp>: KVAuditInfo[user: <user_name>, clienthost: <client_host>, operation: <operation_description>, status: <SUCCESS/FORBIDDEN>, reason: <failure_reason>]
# General audit logging: # Particular logging for successful execution of plan: <Timestamp>: KVAuditInfo[<plan_name>, owned by <plan_owner>, executed by <plan_executor> from <client_host>, state=<end state of plan execution>]
To distinguish security related messages from standard log messages, the following two security related logging levels are introduced:
SEC_WARNING
Logs unauthenticated login, unauthorized read/write data access and unauthorized execution of CLI commands. Unauthenticated login does not log the reasons of failure.
SEC_INFO
Logs the success of a user login and the successful execution of plans that
require dbadmin or sysadmin role related
privileges.