IBM Netezza Data Audit Trail

Managing sensitive data efficiently and securely is crucial for any organization. IBM Netezza provides robust native tools for creating a comprehensive Data Audit Trail. This functionality ensures data activities are logged and monitored, providing critical insights into database usage. Additionally, solutions like DataSunrise complement Netezza by offering advanced security and compliance features. This article explores the native IBM Netezza Data Audit Trail, demonstrates its implementation with SQL examples, and highlights how DataSunrise enhances this functionality.

Native IBM Netezza Data Audit Trail Features

The native IBM Netezza Data Audit Trail enables organizations to log and monitor database activity using built-in features. Key features include:

1. History Database Creation: A dedicated database for storing audit logs, configurable to track various activities.
2. Customizable Configurations: Define specific actions, users, or databases to be audited.
3. Comprehensive Logging: Logs session creations, terminations, query executions, and authentication failures.
4. Real-Time Monitoring: Provides immediate insights into database interactions for security and compliance purposes.

Configuring IBM Netezza’s Native Data Audit Trail

Prerequisites

Before setting up a Data Audit Trail, ensure you have administrative privileges and access to the terminal or a SQL client like DBeaver.

Step 1: Create an Audit User

CREATE USER audituser WITH PASSWORD 'password';
GRANT CREATE DATABASE TO audituser;

This creates a user that can interact with the history database.

Step 2: Create the History Database

Run the following command in the terminal:

nzhistcreatedb -d auditDB -t query -v 1 -u audituser -o audituser -p password

This creates a database named auditDB for storing audit logs. For more parameters, refer to IBM Documentation.

Step 3: Verify Database Creation

Connect to the system database:

nzsql -host localhost -port 5480 -u admin -pw password -d system

Then, list the databases:

\l

Ensure auditDB is listed.

Step 4: Create and Set History Configuration

Syntax for creating the history configuration:

CREATE HISTORY CONFIGURATION <config_name> <clause> [ <clause>… ]
Where <clause> represents one of :
HISTTYPE {QUERY | AUDIT | NONE} |
NPS [ LOCALHOST | <hostname> ] |
DATABASE <dbname> |
USER <username> |
SCHEMA <schemaname> |
PASSWORD <password> |
COLLECT <item>[,<item>…] |
LOADINTERVAL <number> |
LOADMINTHRESHOLD <number> |
LOADMAXTHRESHOLD <number> |
DISKFULLTHRESHOLD <number> |
STORAGELIMIT <number> |
LOADRETRY <number> |
ENABLEHIST <boolean> |
ENABLESYSTEM <boolean> |
VERSION <version> 
[ KEY key_store . key_alias ]
[ INCLUDING [ ALL | SUCCESS | FAILURE ] ]
Where <item> represents one of:
QUERY
PLAN
TABLE
COLUMN
SERVICE
STATE

Step 5: Restart the System

Restart Netezza to activate the configuration:

su - nz
nzstop
nzstart

Step 6: Test Audit Logging

Run a sample query to populate the audit tables:

SELECT * FROM TEST.S1.CITY;

View audit results:

SELECT SESSIONID, DBNAME, TABLENAME FROM AUDITDB.AUDITUSER."$hist_table_access_1";

To log failed login attempts, try logging in with incorrect credentials and query the relevant table:

SELECT NPSID, NPSINSTANCEID, LOGENTRYID, CLIENTIP, SESSIONUSERNAME, "TIME", FAILURETYPE, FAILURE FROM AUDITDB.AUDITUSER."$hist_failed_authentication_1";

Configuring DataSunrise for IBM Netezza Data Audit Trail

DataSunrise provides a centralized interface for advanced auditing and compliance. Follow these steps to configure it:

Step 1: Create a DataSunrise Instance

Assuming DataSunrise is installed, access the web interface and create an instance for IBM Netezza:

1. Navigate to the Instances section.
2. Select Add Instance and choose IBM Netezza as the database type.
3. Provide the connection details and credentials.

Step 2: Configure Audit Settings

DataSunrise allows fine-tuning of audit settings:

1. Action Settings: Specify the operations to be monitored and the database location for logging.

2. Filter Sessions: Restrict logging to specific sessions.

3. Filter Statements: Log only specific SQL statements.

4. Notification Settings: Set up alerts for unusual activities.

Step 3: View Audit Logs

Access the TransactionTrails section in DataSunrise to view logs. Use built-in filters to analyze specific activities or export data for compliance reports.

Benefits of Using DataSunrise with IBM Netezza

DataSunrise significantly enhances IBM Netezza’s native auditing by providing a range of robust features for streamlined data security and compliance. These include:

1. Centralized Rule Management: Easily configure and manage audit rules across multiple databases from a single interface.
2. Granular Filtering Options: Tailor the logging process with advanced filters for sessions, statements, and specific database actions.
3. Instant Alerts and Notifications: Receive real-time alerts for unauthorized access or suspicious activities, ensuring timely responses.
4. Regulatory Compliance Tools: Simplify the generation of audit reports to meet stringent regulatory requirements like GDPR, SOX, PCI DSS and HIPAA.
5. Comprehensive Visibility: View detailed transaction trails with flexible filtering and export options to enhance data analysis and security audits.

Conclusion

The native IBM Netezza Data Audit Trail offers robust tools for logging and monitoring database activities. By configuring a history database and defining history configurations, organizations can achieve effective auditing. Pairing this with DataSunrise’s advanced security rules provides centralized control, enhanced filtering, and compliance support.

For an online demonstration of DataSunrise’s capabilities, visit the official website. Discover how our flexible and advanced tools can elevate your database security and auditing to the next level.