I would like to enable System Audit on my Firebird 2.5.9.27139 (x64) database (Windows 10), to inspect all queries performed on it.
I've already read some docs about what the configuration file should look like, but most likely I have some trivial problem with setting up all the paths and entries.
I would be very grateful if someone could have a glance at my settings and point out what should I change.
My database is located in: C:\KSBAZA\KS-APW\WAPTEKA.FDB
I would like to store all logs and trace config file in the directory: C:\DB_trace
In the main Firebird directory, I uncommented and set the line of firebird.conf file to:
AuditTraceConfigFile = C:\DB_trace\apw_trace.conf
Content of C:\DB_trace\apw_trace.conf:
<database WAPTEKA.FDB>
enable true
log_filename C:\DB_trace\audit_trace_database.log
max_log_size 0
include_filter %(INSERT|UPDATE|DELETE)%
log_connection true
connection_id 0
log_transaction true
log_statement_prepare true
log_statement_free true
log_statement_start true
log_statement_finish true
log_procedure_start true
log_procedure_finish true
log_trigger_start true
log_trigger_finish true
log_errors true
log_warnings true
log_initfini true
log_sweep true
time_threshold 0
max_sql_length 65536
</database>
<services>
enabled true
log_filename C:\DB_trace\audit_trace_services.log
max_log_size 0
log_services true
log_errors true
log_warnings true
log_initfini true
</services>
After saving the changes to the firebird.conf file, I completely rebooted the machine (the editing was performed while the Firebird service was down.)
Moreover, I tried to place the apw_trace.conf file in the same dir as the firebird.conf one (now AuditTraceConfigFile = apw_trace.conf
), but without any result – they're no log files created in the C:\DB_trace dir (should I touch these empty *.log files?).
Thank you in advance for your help.
Best Answer
There are a number of things wrong with your config file:
enable true
should beenabled true
log_filename C:\DB_trace\audit_trace_database.log
should belog_filename C:\\DB_trace\\audit_trace_database.log
log_connection true
should belog_connections true
log_transaction true
should belog_transactions true
Most of these errors could have been detected by inspecting the
firebird.log
file.And although the documentation in
fbtrace.conf
says:It looks like you always need to actually specify a
SIMILAR TO
pattern matching the path of the database, for example%[\\/]WAPTEKA.FDB
.The corrected entry, which works on my machine, is:
The syntax in Firebird 3 is slightly bit different, check the Firebird 3 release notes for details