Hi all we have the auditors here at work at the moment and they are hassling me with security logs.
We use AIX 5.3 and MAXDB 7.6
This is what they say:
Basic security logs need to be enabled like successful and failed logins etc. In addition business critical data needs to be identified and logs on those specific tables need to be enabled to ensure that any manipulation at the database level is addressed. Please bear in mind that we are only concerned with user accounts that are used by people to log directly onto the database.
So where are these logs kept, and keeping in mind that SAP has over 70 000 tables how am i going to identify the tables that need to be logged and how would i enable logging on those tables.
Can this even be done ?