Previous Topic

Next Topic

Create Security_Alarm

Valid in: SQL, ESQL

The Create Security_Alarm statement specifies databases or the current installation the conditions that cause records to be written to the security log for one or more tables.

Security logging is enabled using the enable security_audit statement. To delete a security alarm, use the drop security_alarm statement. To determine what security alarms have been created for a table, use the help security_alarm statement.

Previous Topic

Next Topic

Syntax

The Create Security_Alarm statement has the following format:

[EXEC SQL] CREATE SECURITY_ALARM [alarm_name] ON

              [TABLE | DATABASE] [schema.]object_name {, [schema.]object_name} |

CURRENT INSTALLATION

              [IF SUCCESS | FAILURE | SUCCESS, FAILURE]

              [WHEN SELECT | DELETE | INSERT | UPDATE | CONNECT | DISCONNECT]

              [BY [USER | GROUP | ROLE] auth_id{, auth_id} | PUBLIC;]

              [RAISE DBEVENT [dbevent_owner.]dbevent_name [dbevent_text]]

Previous Topic

Next Topic

Embedded Usage

You cannot use host language variables in an embedded Create Security_Alarm statement.

Previous Topic

Next Topic

Permissions

You must be the owner of the table.

Previous Topic

Next Topic

Locking

The Create Security_Alarm statement locks the specified table, the iisecurity_alarms catalog, the iipermits catalog, and the iiprotect catalog.

Previous Topic

Next Topic

Related Statements

Disable Security_Audit

Enable Security_Audit

Drop Security_Alarm

Previous Topic

Next Topic

Examples: Create Security_Alarm

The following are Create Security_Alarm statement examples:

  1. Log all successful changes to the employee table.

    create security_alarm on table employee
    if success when insert, update, delete by public;

  2. Specify alarms for a specific user group or application role.

    create security_alarm clerk_update on table secure_data if failure when update by group clerk

    These alarms are fired when a session connects as the specified group or role.

  3. Specify alarm on a particular database or the current installation to raise an alarm when user, spy, connects to any database.

    create security_alarm secconnect on current installation when connect by user spy

  4. Raise an optional database event, secconnect, as the result of an alarm firing when user, spy, connects to database sec1.

    create security_alarm secconnect on database sec1
    when connect by user spy
    raise dbevent secconnect 'user spy connected to sec1 database';


© 2007 Ingres Corporation. All rights reserved.