We have the obligation to enable auditing on Sybase ASE (Adaptive Server Enterprise / 15.7 / EBF 27351 SMP SP139 / P / ia64 / HP-UX B.11.31 / ase157sp138x / 4041/64 bit / / FBO / Mar Aug 08 07:33:11 2017) and I have activated the same thing on the master database below:
I had the impression that this would also allow to audit any login / user changes (sp_addlogin, sp_modifylogin, sp_droplogin, sp_adduser, sp_dropuser), because the creation / deletion / modification was handled at the same time. main level, but this information was incorrect because it only applied to objects and not users / connections. Recently, when I deleted a user, it was not logged in the audit event. After checking several documents in the Sybase documentation and on different portals on the Internet and with the help of a provider, we learned that another type of audit (login_admin) needs to be enabled to capture these events in audit events.
I've executed the command below and expected it to solve the underlying problem:
1> sp_audit "login_admin", "all", "all", "on" 2> to go The audit option was changed and took effect immediately. (return status = 0) 1> sp_displayaudit "login" 2> to go The audit is currently enabled in no connection. (return status = 0) 1>
As the result of sp_displayaudit shows, the connections are still not audited. I'm not really sure if this requires the ASE reboot to take effect or if I'm missing something here.
Any help would be greatly appreciated.