unifiedauditing
Table of Contents
Unified Auditing
Check if Enabled
select VALUE from V$OPTION where PARAMETER='Unified Auditing';
Enable
- Shutdown Database
- cd $ORACLE_HOME/rdbms/lib
- make -f ins_rdbms.mk uniaud_on ioracle
- set AUDIT_TRAIL = NONE, otherwise both auditing mechanisms will run concurrently
- Start Database
Configuration
Records are written to the SGA queues and then periodically written to tables in the AUDSYS schema.
If it is required that the audit details are immediately written to the tables then …
BEGIN DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY ( DBMS_AUDIT_MGMT.AUDIT_TRAIL_UNIFIED, DBMS_AUDIT_MGMT.AUDIT_TRAIL_WRITE_MODE, DBMS_AUDIT_MGMT.AUDIT_TRAIL_IMMEDIATE_WRITE); END;
When the database is in READ ONLY mode then audit records are written to $ORACLE_BASE/audit/$ORACLE_SID
These files can then be later loaded into the database by …
BEGIN DBMS_AUDIT_MGMT.LOAD_UNIFIED_AUDIT_FILES; END;
Create Unified Audit Policy
Create and enable an audit policy which will audit the creation of tables and sequences by user IAN.
CREATE AUDIT POLICY ian_audit_policy
PRIVILEGES CREATE TABLE, CREATE SEQUENCE
WHEN 'SYS_CONTEXT(''USERENV'', ''SESSION_USER'') = ''IAN'''
EVALUATE PER SESSION
CONTAINER = CURRENT;
AUDIT POLICY ian_audit_policy;
Predefined Audit Policies
- ORA_SECURECONFIG (Enabled by default)
- ORA_DATABASE_PARAMETER
- ORA_ACCOUNT_MGMT
unifiedauditing.txt · Last modified: 2021/12/06 11:30 by 127.0.0.1