/ Prompt Trigger LOGONAUDITING; -- -- LOGONAUDITING (Trigger) -- CREATE OR REPLACE TRIGGER SYS."LOGONAUDITING" AFTER LOGON ON DATABASE DECLARE V_machine VARCHAR2(64); v_osuser VARCHAR2(30); v_sid NUMBER(10); v_serial NUMBER(10); V_terminal VARCHAR2(30); v_program VARCHAR2(48); v_module VARCHAR2(48); v_status VARCHAR2(10); v_username VARCHAR2(30); v_PROXYUSER VARCHAR2(30); v_IPADDR VARCHAR2(20); CURSOR cur_logon IS SELECT sid, serial#, user, osuser, SYS_CONTEXT('userenv','proxy_user'), SYS_CONTEXT ('userenv','IP_address'), machine, terminal, program, module FROM v$session WHERE audsid = userenv('sessionid'); BEGIN v_status:='ACCEPT'; OPEN cur_logon; FETCH cur_logon INTO v_sid, v_serial, v_username, V_osuser, v_proxyuser, v_ipaddr, v_machine, v_terminal, v_program, v_module;
IF ((v_username ='TEAMEVD') AND (v_machine like 'CORP%' or v_machine like 'TTL
NEWCIRCLE%' or v_machine like 'CORP\FARHA%' or v_machine like 'ENTCORP%' OR v_program like '%Developer%')) THEN v_status := 'REJECT'; END IF; INSERT INTO DBA_logonaudit(event, sid, serial#, timestamp, username, proxyuser, ipaddr, osuserid, appuser, machinename, terminal, program, module, status) VALUES ( 'LOGON', v_sid, v_serial, sysdate, user, v_proxyuser, v_ipaddr, v_osuser, 'TBD', v_machine, v_terminal, v_program, v_module, v_status); -------------commit; IF v_status = 'REJECT' THEN sys.dbms_system.ksdwrt(3, ' USERNAME ' || v_username || ' OSUSER ' || v_osuser); raise_application_error(-20101, 'Access from Toad/Sqlplus is not allowed from this user. Please contact DBAs for help!!!'); END IF; CLOSE cur_logon; END; /
_____
Prompt drop Trigger LOGONAUDITING;
DROP TRIGGER SYS.LOGONAUDITING / Prompt Trigger LOGONAUDITING; -- -- LOGONAUDITING (Trigger) -- CREATE OR REPLACE TRIGGER SYS.LOGONAUDITING AFTER LOGON ON DATABASE DECLARE v_sid NUMBER(10); v_serial NUMBER(10); v_username VARCHAR2(30); v_osuser VARCHAR2(30); v_PROXYUSER VARCHAR2(30); v_IPADDR VARCHAR2(20); V_machine VARCHAR2(64); V_terminal VARCHAR2(30); v_program VARCHAR2(48); v_module VARCHAR2(48); v_status VARCHAR2(10); v_count NUMBER(10); CURSOR cur_logon IS SELECT SID, serial#, upper(USER), upper(osuser), SYS_CONTEXT('userenv','proxy_user'), SYS_CONTEXT ('userenv','IP_address'), upper(machine), upper(terminal), upper(program), upper(MODULE) FROM v$session WHERE audsid = USERENV('sessionid'); BEGIN v_status := 'ACCEPT'; v_count := 0; OPEN cur_logon; FETCH cur_logon INTO v_sid, v_serial, v_username, V_osuser, v_proxyuser, v_ipaddr, v_machine, v_terminal, v_program, v_module; IF (v_program LIKE '%TOAD%' OR v_program LIKE '%T.O.A.D%' OR v_program LIKE '% SQL%' OR v_program LIKE '%DEVELOPE%' OR v_module LIKE '%TOAD%' OR v_module LIKE '%T.O.A.D%'OR v_module LIKE '%SQL%' OR v_module LIKE '%DEVELOPE%') AND (v_m achine LIKE '%ENTCORP%' or v_machine LIKE 'CORP%') THEN SELECT count(*) INTO v_count FROM DB_RESTRICT_ACCESS WHERE username= v_username; IF v_count > 0 then v_status := 'REJECT'; ELSE v_status := 'ACCEPT'; END IF; END IF; INSERT INTO DBA_LOGONAUDIT(event, SID, serial#, TIMESTAMP, username, proxyuser, ipaddr, osuserid, appuser, machinename, terminal, program, MODULE, status) VALUES ( 'LOGON', v_sid, v_serial, SYSDATE, USER, v_proxyuser, v_ipaddr, v_osuser, 'TBD', v_machine, v_terminal, v_program, v_module, v_status); IF v_status = 'REJECT' THEN RAISE_APPLICATION_ERROR(-20101, 'Access from Toad and SQLPLUS is not all owed from this user. Please contact DBAs for help !!!'); END IF; CLOSE cur_logon; END; /