Sybase Configuration
- Enable auditing.
Sybase does not install the auditing components by default. It is worth configuring the auditing facility because you never know when you'll need it, even for the diagnosis of routine problems, let alone security issues.
Auditing is covered in depth in Chapter 12 of the Sybase ASE System Administration Guide, and we recommend that you read that chapter before proceeding, but briefly:
You can use the auditinit program or the installsecurity sql script to install the auditing capability.
You can check if auditing is already installed by running
sp_configure ‘auditing’
You can specify up to eight tables to store audit information; these tables are called sysaudits_01, sysaudits_02, and so on. Sybase recommends that you use at least two tables on separate devices so that audit logs can be archived from one table while another table is being written to.
You can define threshold procedures for each audit segment, to copy the data from the audit segment to some other, archive location. Use sp_addthreshold to add the procedure.
You can define the size of the audit queue — this is the number of audit records that Sybase can hold in memory before flushing the queue out to disk. This should be tuned to an appropriate value for your configuration — low values will mean more disk access, high values will mean better performance but an increased risk of the data in the queue being lost in the event of a server crash.
You should specify what you want to ...
Get The Database Hacker's Handbook: Defending Database Servers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
