Extended DB Features   «Prev  Next»
Lesson 1

Introduction to Oracle Auditing Features

You design and create your database to serve a set of purposes. But how do you know exactly how the database is being used in the real world?
Your Oracle database gives you the ability to audit its operations. This auditing capability will create a history of the interactions between users and the history of the database . This can be can used for various purposes, from diagnosing the cause of performance problems to checking for potential security violations.
By the time you complete this module, you should be able to:
  1. List the types of things that can be audited
  2. Enable the audit feature
  3. Audit the use of a SQL statement
  4. Generate audit trail reports
  5. Audit the use of a specific Oracle privilege
  6. Audit the use of specific database objects
  7. Delete old audit trail records
Security, Audit and Control FeaturesSecurity, Audit and Control Features

Although you may not need to audit your Oracle database in the course of normal operations, exceptional circumstances may cause you to need to take advantage of this feature.
In the next lesson, we will begin by looking at the types of things you can audit.
As a non-DBA user within an Oracle database, you cannot enable the auditing features of the database. If auditing has been enabled, there are data dictionary views that anyone can use to view the audit trail. Many different audit trail data dictionary views are available. Most of these views are based on a single audit trail table in the database (SYS.AUD$). The most generic of the audit trail views available is named USER_AUDIT_TRAIL. Since this view shows the audit records for many different types of actions, many of the columns may be inapplicable for any given row. The DBA version of this view, DBA_AUDIT_TRAIL, lists all entries from the audit trail table; USER_AUDIT_TRAIL lists only those that are relevant to the user. A vast number of auditing capabilities is available and each type of audit can be accessed via its own data dictionary view. The following are the available views:

USER_AUDIT_OBJECT For statements concerning objects
USER_AUDIT_SESSION For connections and disconnections
USER_AUDIT_STATEMENT For grant, revoke, audit, noaudit, and alter system commands issued by the user