This is the information one should be looking for in database security logs.
Area Activity
System Access

• • Logins – Success / Fail
  • Account / Role / Permissions Changes
  • Password Changes

Data Access
· SELECT – Success / Fail
Data Change
· INSERT, UPDATE, DELETE
Schema / Object Changes
· CREATE, ALTER, DROP
Privileged User Activity
· All
System Changes

• • Configuration Changes
  • Startup / Shutdown
  • Enable / Disable Logs
  • Enable / Disable Services

Issues:

· Time Synchroinzation

· Protect from Read / Write

· Encrypt Sensitive / Data

· Storage and Archival

· Protect from DBA’s

· Know when configuration change / error occurs

· Review and Monitoring requirements