This module discussed the use of auditing and how it is used in Oracle. Now you should be able to:
- List the types of things that can be audited
- Enable the audit feature
- Audit the use of a SQL statement
- Generate audit trail reports
- Audit the use of a specific Oracle privilege
- Audit the use of specific database objects
- Delete old audit trail records
Auditing allows you to discover who did what with your data.
Auditing is the process of creating a history of access that can be used to understand database operations as well as spot access violations and attempts.
When you are configuring Oracle Database 11g, youwill be asked if youwant to keep the default security settings. If you do, auditing will be enabled and a new default password profile option will be in place.
A number of other database initialization parameters will be reset at this time.
The database initialization parameter AUDIT_TRAIL controls the enabling and disabling of auditing. The default setting for this parameter is NONE, which means that no auditing will be performed, regardless of whether or not AUDIT commands are issued.
It is important to remember that any auditing statements issued will not be performed if
AUDIT_TRAIL=NONE.
Unless auditing is enabled in the
database parameter initialization file, any auditing options that have been turned on will not create records in the audit trail. Auditing is not completely disabled unless it is set to NONE in the database parameter initialization file.
You must set the database initialization parameter AUDIT_TRAIL to DB or OS in order to enable auditing. The DB setting means the audit trail records are stored in the database in the SYS.AUD$ table.
OS
will send the audit trail records to an operating system file and the OS setting is
operating system-dependent and is not supported on all operating systems.
Creating an audit trail is an invaluable tool for a variety of diagnostic and analytical tasks. You may not have to worry about auditing on a daily basis, but when something in your Oracle database requires further examination, auditing can help you immensely.
In the next module, you will learn how Oracle supports other languages.