patternMinor
Problem with enabling System Audit (Firebird's Trace and Audit Services)
Viewed 0 times
problemwithauditsystemservicesfirebirdandtraceenabling
Problem
I would like to enable System Audit on my Firebird 2.5.9.27139 (x64) database (Windows 10), to inspect all queries performed on it.
I've already read some docs about what the configuration file should look like, but most likely I have some trivial problem with setting up all the paths and entries.
I would be very grateful if someone could have a glance at my settings and point out what I should change.
My database is located in: C:\KSBAZA\KS-APW\WAPTEKA.FDB
I would like to store all logs and trace config file in the directory: C:\DB_trace
In the main Firebird directory, I uncommented and set the line of firebird.conf file to:
Content of C:\DB_trace\apw_trace.conf:
After saving the changes to the firebird.conf file, I completely rebooted the machine (the editing was performed while the Firebird service was down.)
Moreover, I tried to place the apw_trace.conf file in the same dir as the firebird.conf one (now
I've already read some docs about what the configuration file should look like, but most likely I have some trivial problem with setting up all the paths and entries.
I would be very grateful if someone could have a glance at my settings and point out what I should change.
My database is located in: C:\KSBAZA\KS-APW\WAPTEKA.FDB
I would like to store all logs and trace config file in the directory: C:\DB_trace
In the main Firebird directory, I uncommented and set the line of firebird.conf file to:
AuditTraceConfigFile = C:\DB_trace\apw_trace.confContent of C:\DB_trace\apw_trace.conf:
enable true
log_filename C:\DB_trace\audit_trace_database.log
max_log_size 0
include_filter %(INSERT|UPDATE|DELETE)%
log_connection true
connection_id 0
log_transaction true
log_statement_prepare true
log_statement_free true
log_statement_start true
log_statement_finish true
log_procedure_start true
log_procedure_finish true
log_trigger_start true
log_trigger_finish true
log_errors true
log_warnings true
log_initfini true
log_sweep true
time_threshold 0
max_sql_length 65536
enabled true
log_filename C:\DB_trace\audit_trace_services.log
max_log_size 0
log_services true
log_errors true
log_warnings true
log_initfini true
After saving the changes to the firebird.conf file, I completely rebooted the machine (the editing was performed while the Firebird service was down.)
Moreover, I tried to place the apw_trace.conf file in the same dir as the firebird.conf one (now
AuditTraceConfigFile = apw_trace.conf), but without any result - there are no log files created in C:\DB_trace dir (should I touch these empty *.log files?).Solution
There are a number of things wrong with your config file:
Most of these errors could have been detected by inspecting the
And although the documentation in
Pattern is either database name without path or "SIMILAR TO"-based
regular expression which is matched against fully qualified database
path name.
It looks like you always need to actually specify a
The corrected entry, which works on my machine, is:
The syntax in Firebird 3 is slightly bit different, check the Firebird 3 release notes for details
enable trueshould beenabled true
log_filename C:\DB_trace\audit_trace_database.logshould belog_filename C:\\DB_trace\\audit_trace_database.log
log_connection trueshould belog_connections true
log_transaction trueshould belog_transactions true
Most of these errors could have been detected by inspecting the
firebird.log file.And although the documentation in
fbtrace.conf says:Pattern is either database name without path or "SIMILAR TO"-based
regular expression which is matched against fully qualified database
path name.
It looks like you always need to actually specify a
SIMILAR TO pattern matching the path of the database, for example %[\\/]WAPTEKA.FDB.The corrected entry, which works on my machine, is:
enabled true
log_filename C:\\DB_trace\\audit_trace_database.log
max_log_size 0
include_filter %(INSERT|UPDATE|DELETE)%
log_connections true
connection_id 0
log_transactions true
log_statement_prepare true
log_statement_free true
log_statement_start true
log_statement_finish true
log_procedure_start true
log_procedure_finish true
log_trigger_start true
log_trigger_finish true
log_errors true
log_warnings true
log_initfini true
log_sweep true
time_threshold 0
max_sql_length 65536
The syntax in Firebird 3 is slightly bit different, check the Firebird 3 release notes for details
Code Snippets
<database %[\\/]WAPTEKA.FDB>
enabled true
log_filename C:\\DB_trace\\audit_trace_database.log
max_log_size 0
include_filter %(INSERT|UPDATE|DELETE)%
log_connections true
connection_id 0
log_transactions true
log_statement_prepare true
log_statement_free true
log_statement_start true
log_statement_finish true
log_procedure_start true
log_procedure_finish true
log_trigger_start true
log_trigger_finish true
log_errors true
log_warnings true
log_initfini true
log_sweep true
time_threshold 0
max_sql_length 65536
</database>Context
StackExchange Database Administrators Q#273221, answer score: 3
Revisions (0)
No revisions yet.