If it was recent enough that its still in the redo logs, you maybe able
to use Log Miner to analyze the redos and find the user.

Beth

-----Original Message-----
From: Lance A. Tamashiro [mailto:[Email Address Removed]
Sent: Thursday, February 28, 2002 10:12 AM
To: LazyDBA.com Discussion
Subject: Security/Audit Question


Hi Everyone:

I have a situation where it appears that a developer has sabotaged
another of the development teams in one of our development instances. We
are not running Archivelog mode. I am not trying to restore any data.
However overheard conversations suggests someone deliberately issued an
Alter table drop column command. My question is, is there anyway that I
can query dictionary tables to verify this and which user/osuser issued
the command?

You help would be greatly appreciated.
Thanks,
Lance A. Tamashiro


--------
Oracle documentation is here:
http://tahiti.oracle.com/pls/tahiti/tahiti.homepage
To unsubscribe: send a blank email to oracledba-[Email Address Removed] subscribe: send a blank email to oracledba-[Email Address Removed] the list archive: http://www.LAZYDBA.com/odbareadmail.pl
Tell yer mates about http://www.farAwayJobs.com
By using this list you agree to these
terms:http://www.lazydba.com/legal.html

Oracle LazyDBA home page