Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 17 » SQL Anywhere Server - Database Administration » Database configuration » Database options » Alphabetical list of database options

audit_log option

Specifies the type and location of the audit log.

Allowed values
[ TRANSLOG 
  | SYSLOG  
  | FILE ( filename_prefix='path-and-filename'; [ target-parameter [;...] ])
]

target-parameter : 
  target-parameter-name = target-parameter-value[;...]

target-parameter-name
{   
  | max_size;
  | num_files;
  | flush_on_write;
  | compressed; 
}
Parameters
Parameter name Value
filename_prefix

A log file name prefix with or without a path. All log files have the extension .etd. If a full path is not specified, then the directory where the database is located is used as the root directory. This parameter is required.

max_size

The maximum size of the file in bytes. The default is 0, which means there is no limit on the file size, and the file grows as long as disk space is available. Once the specified size is reached, a new file is started.

num_files

The number of files where event tracing information is written. This setting is used only if max_size is set. If all the files reach the maximum specified size, then the database server overwrites the oldest file.

flush_on_write

A Boolean value that controls whether disk buffers are flushed for each event that is logged. The default is ON. When this parameter is turned on, the performance of the database server may be reduced if many trace events are being logged.

compressed

A Boolean value that controls compression of the log file to conserve disk space. The default is OFF.

Default

Empty string

Scope
  PUBLIC role For current user For other users
Allowed to set permanently? Yes, with SET ANY SECURITY OPTION No No
Allowed to set temporarily? Yes, with SET ANY SECURITY OPTION No No
Remarks

This option specifies where to write auditing events. If the audit_log option is not specified, or if an empty string is specified, then auditing events are logged to the transaction log (TRANSLOG) by default.

To turn off the transaction log while auditing is enabled, audit_log must be set to FILE or SYSLOG. If audit_log is set to the transaction log, then the transaction log cannot be turned off (until a file is specified).

If audit_log is set to SYSLOG, then events are logged to your operating system's event tracing log. The event tracing log differs between Windows and Unix:

  • On Windows operating systems, the event tracing log is the Windows Event log. Events have source names beginning with SQLANY and can be viewed by navigating to Start of the navigation path Event Viewer (Local) Next navigation step Windows Logs Next navigation step Applications End of the navigation path in the Event Viewer Utility.
  • On Unix operating systems, the event tracing log is the syslog facility.

Duplicate target names are not allowed. If FILE, TRANSLOG, or SYSLOG is specified twice, then an error is returned.

When disk sandboxing is enabled, any file referenced in the audit_log option must be in an accessible location.

If the value of audit_log is invalid, or if any audit log target cannot be started, then an error is returned and the previous value of audit_log is restored. If the previous value cannot be restored, then the audit_log option defaults to the transaction log, and a message appears in the database server messages window. However, the previous value of the audit_log option is maintained.

If an attempt to log in to the file fails, then audit events may be missing from a FILE target. If a logging failure occurs, then a message appears in the database server messages window to indicate the earliest occurrence of a failure.

For the audit_log option to work, set the auditing option to On, and also specify which types of information you want to audit by using the sa_enable_auditing_type system procedure.

If a FILE target is specified, then the database uses an internal trace event session named audit to log auditing events to the specified file. The internal trace event session cannot be modified by the user. The trace event session used for auditing differs from user trace event sessions in the following ways:

  • If a full path is not specified for the filename_prefix parameter, then the directory where the database is located is used as the root directory.
  • The flush_on_write parameter is set to ON by default.

Example

The following statement sets the audit log to the database's transaction log.

SET OPTION PUBLIC.audit_log = 'TRANSLOG'

The following statement sets the audit log to a file target.

SET OPTION PUBLIC.audit_log = 'FILE(filename_prefix=c:\audit)'