The best way to speed up the auditing is as follow
1. prepare first sql script to backup databases, create devices, create sybsecurity and sybsecurity_archive database, then setup dboptions i.e trun log, select into.
2. telnet to the unix db server, run $SYBASE/$SYBASE_ASE/scripts/installsecurity
3. alter database sybsecurity onto new audit trail device, sp_addaudittable to all new audit trail devices, setup audit options with sp_audit. i.e. sp_audit “all”,”sa_role”,”all”,”on”, then shutdown the server
4. startup the server,
turn on auditing - sp_configure ‘auditing’, 1
configure auditing - sp_configure ’suspend audit when device full’, 0
create auditing archive table in sybsecurity_archive - select * into sybsecurity_archive..sysaudits from sysaudits_01 where 1=2
create procedure audit_threshold.
sp_addthreshold to sybsecurity
create ArchiveSysaudits procedure in sybsecurity_archive database.
create database dump devices for sybsecurity and sybsecurity_archive db.
5. schedule cronjobs to backup sybsecurity and sybsecurity_archive db daily, purge and archive auditing records. create dump directories for all the dump devices added.
No comments:
Post a Comment