Skip to Main Content
  • Questions

  • Intercept and manipulate queries and resultsets

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, Enbee.

Asked: February 04, 2016 - 2:15 pm UTC

Last updated: February 05, 2016 - 2:18 am UTC

Version: All versions

Viewed 1000+ times

You Asked

Hi Guys,

Is there a way to intercept and potentially manipulate queries and resultsets at the wire level? I would like to put a proxy in front of the existing Oracle instance, enabling me to do some basic manipulation of the incoming query before passing it on to the real Oracle instance and possibly some alterations to the data on the way back. Then I would point all existing applications (and there are lots) to the new proxy as well as re-pointing developers/administrators who normally connect using Toad to the new proxy. I'd ideally like to know if there are any commercial products out there or alternatively any suggested approaches?

Thanks,

Enbee

and Connor said...

Some options, both commercial and home-grown are listed in this paper

http://www.nyoug.org/Presentations/2008/Sep/Harris_Listening%20In.pdf

and a quick google turned up

http://www.whitesands.com/sql-capture/

I havent seen or used these products, so I can't give you any kind of feedback or endorsement.

I do remember such things being all the rage a number of years back, but with the increased prominence of security, I think the challenge has been that so much traffic nowadays is encrypted by default.

Depending on the level of interception etc, you might want to consider things at the database level ? eg RLS, sql translation, query rewrite, or advanced rewrite ?

Hope this helps. Others are welcome to provide their thoughts via review.

Is this answer out of date? If it is, please let us know via a Comment
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's channel and Chris's channel from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

Security

All of the vital components for a secure database are covered in the Security guide.