If you manage a lot of Oracle, M$SQL, or DB2 – you need to check out Confio. Its an agent-less performance trending tool that will make you’re life much easier. It tracks every SQL run by user/client machine/sql statement/etc and trends those over time.
So I was listening to an IT security architect give an informative presentation on security and the topic came up about SQL injection and RDBMS security in general. It got me to thinking: If an enterprise really wanted to keep tabs on all of the goings-on in their databases for forensic purposes, why not leverage Confio that is already pulling that data?
Confio typically aggregates that data up after 30 days – so there is plenty of time to snag it all and store it in HDFS.
You could even pull Teradata’s dbc.qrylog while your at it.
Imagine knowing what SQL statements you ran 3+ years ago. Cool.