Journaling functions have been on the platform since the very beginning. It’s first purpose was to register Data Base changes. But it happened to be an excellent tool for registering any kind of information, such as Security events, Job Accounting info, Application log. In this session we’ll start understanding how journal works, how to configure it, and finally how can be exploited. The ways to exploit it includes downloading the contents to an output file, analyzing the info with SQL functions, and reading the entries as they arrive to the journal.
Learning Objectives:
- Understand and analyze journal information in detail
- Optimize recovery procedures
- Optimize testing procedures
- Check Security events