Chapter 1: System Procedures

sp_addaudittable

Description

Adds another system audit table after auditing is installed.

Syntax

sp_addaudittable devname

Parameters

devname: is the name of the device for the audit table. Specify a device name or specify “default”. If you specify “default”, Adaptive Server creates the audit table on the same device as the sybsecurity database. Otherwise, Adaptive Server creates the table on the device you specify.

Examples

Example 1

Creates a system audit table on auditdev2. If only one system audit table (sysaudits_01) exists when you execute the procedure, Adaptive Server names the new audit table sysaudits_02 and places it on its own segment, called aud_seg_02, on auditdev2:

sp_addaudittable auditdev2

Example 2

Creates a system audit table on the same device as the sybsecurity database. If two system audit tables (sysaudits_01 and sysaudits_02) exist when you execute the procedure, Adaptive Server names the new audit table sysaudits_03 and places it on its own segment, called aud_seg_03, on the same device as the sybsecurity database:

sp_addaudittable "default"

Usage

Auditing must already be installed when you run sp_addaudittable. To add a system audit table:
1. Create the device for the audit table, using disk init. For example, run a command like this for UNIX:
```
disk init name = "auditdev2",
physname = "/dev/rxyla", 
size = “5K”
```
2. Add the device to the sybsecurity database with the alter database command. For example, to add auditdev2 to the sybsecurity database, use:
```
alter database sybsecurity on auditdev2
```
3. Execute sp_addaudittable to create the table.
Adaptive Server names the new system audit table and the new segment according to how many audit tables are already defined. For example, if five audit tables are defined before you execute the procedure, Adaptive Server names the new audit table sysaudits_06 and the new segment aud_seg_06. If you specify “default”, Adaptive Server places the segment on the same device as the sybsecurity database. Otherwise, Adaptive Server places the segment on the device you name.
A maximum of eight audit tables is allowed. If you already have eight audit tables, and you attempt to execute sp_addaudittable to add another one, Adaptive Server displays an error message.
For information about how to install auditing, see the installation documentation for your platform. See the System Administration Guide for information on how to use auditing.

Permissions

Only a uses who is both a System Administrator and a System Security Officer to execute sp_addaudittable.

Auditing

Values in event and extrainfo columns from the sysaudits table are:

Event	Audit option	Command or access audited	Information in extrainfo
38	exec_procedure	Execution of a procedure	Roles – Current active roles Keywords or options – NULL Previous value – NULL Current value – NULL Other information – All input parameters Proxy information – Original login name, if set proxy in effect