Hi Walter, Thanks for your feedback and suggestions. Although I believe you may have misunderstood or assumed a few key points on this thread. The original question was just to get the creation time of tables. I answered that question and gave an example of different ideas on how the increased logging could benefit your infrastructure. In terms of auditing ddl changes in the logs, yes I do want an email. We all have different rules and regulations we need to follow. Most of us have more than one dba (or superuser) working in house. Or maybe you just started at a new place and wanted to quickly get a handle on whats going on. As for disaster recovery, I like to take the approach of “when it happens” more than “it will never happen because I did xyz.” It will rain, lets be ready for it. I was not implying to forgo a “security audit” or give every user super permissions, that will be just silly. In fact we just underwent a security review here but I would still like to have this in place. This additional logging/parsing is a second line of defense. When it does go down (think junior dba or oops I thought that was dev) at least you will know right away, have the exact second it happened and a paper trail. Pretty nice uh? I bet the boy scouts would be jealous about that:) Embrace those logs, parse them out, send emails, alerts, whatever. Nobody, system, or process is perfect. It will rain, how prepared are you going to be? Hoping for many sunny days ahead! -jason On April 7, 2014 at 6:26:38 PM, Walter Hurry (walterhurry@xxxxxxxxx) wrote:
This transmission contains confidential and privileged information intended solely for the party identified above. If you receive this message in error, you must not use it or convey it to others. Please destroy it immediately and contact the sender at (303) 386-3955 or by return e-mail to the sender. |
