Audit analysis without SQL
Use the onshowaudit utility to extract data for audit analysis. This utility can perform some basic filtering such as user or database server name. You can then send the extracted data to standard output (for example, your screen) and use UNIX™ utilities such as grep, sed, and awk or Windows™ utilities to analyze it. You can also put the data in a database and analyze it with SQL, as the next section describes.
Only the AAO can run onshowaudit. If role separation is not enabled, user informix is the AAO. (Superuser root on UNIX is always an AAO.) Because disclosure of audit records represents a security threat, only the AAO must read the extracted records.
pat
from an audit file named laurel.12
,
on UNIX, and sends the audit
records to standard output: onshowaudit -I -f laurel.12 -u pat
The command-line syntax for how to extract information with onshowaudit is explained in The onaudit utility: Configure audit masks.