Lesson Learned with Database Monitoring
A story from a client site: I was involved in an annual systems audit for a financial firm. Part of the audit included a review of database security and internal auditing processes. In talking with the information security team they had great difficulty with database monitoring and had run into a catch 22 situation. The database monitoring/auditing tool they had purchased was very complex to configure and relied upon a database to store all the rules and alerts. They also had real trouble determining the significance of all the alerts being generated and weren’t able to decide whether an alert was real or a false positive. They determined that they needed to hire a DBA to manage the monitoring system. At the time there was a hiring freeze so they ended up going to the DBA team to ask for assistance. This made the DBA team chuckle as the they now had access to both the production databases and the systems recording all their actions.
The moral of the story, beware that good intentions don’t make things worse.