AUDIT Traditional Auditing This section describes the AUDIT statement for traditional auditing, which is the same auditing functionality used in releases earlier than Oracle Database 12c.
Beginning with Oracle Database 12c, Oracle polarized oakley introduces unified auditing, which provides a full set of enhanced auditing features. For backward compatibility, traditional auditing is still supported. However, Oracle recommends that you plan the migration of your existing audit settings to the new unified audit policy syntax. For new audit requirements, Oracle recommends that you use the new unified auditing. Traditional auditing may be desupported in a future major release.To audit issuances of a SQL statement, you must have the AUDIT SYSTEM system privilege. However, the AUDIT SYSTEM system privilege is not required when you use the IN SESSION CURRENT clause.To collect auditing results, you must enable auditing by setting the initialization oakley sunglasses clearance sale parameter AUDIT_TRAIL to a value other than the default setting of NONE. You can specify auditing options regardless of whether auditing is enabled. However, Oracle Database does not generate audit records until you cheap real oakley sunglasses enable auditing.To audit operations on a schema object, the object you choose for auditing must be in your own schema or you must have AUDIT ANY system privilege. In addition, if the object you choose for auditing is a directory object, even if you created it, then you must have AUDIT ANY system privilege.To specify the CONTAINER clause, you must be connected to a multitenant container database (CDB). To specify CONTAINER = ALL, the current container must be the root and you must have the commonly granted AUDIT SYSTEM privilege in order to audit the issuances of a SQL statement, or the locally granted AUDIT ANY privilege in order to audit operations on a schema object. To specify CONTAINER = CURRENT, the current container must be a pluggable database (PDB) and you must have the locally granted AUDIT SYSTEM privilege in order to audit the issuances of a SQL statement, or the locally granted AUDIT ANY privilege in order to audit operations on a schema object.An AUDIT USER statement specifies the USER shortcut for auditing of all CREATE USER, ALTER USER, and DROP USER SQL oakley wiretap statements. Auditing in this case includes an operation in which a user changes his or her own password with an ALTER USER statement.An AUDIT ALTER USER statement specifies the ALTER USER system privilege for auditing of all operations that make use of that system privilege. Auditing in this case does not include an operation in which a user changes his or her own password, because that operation does not require the ALTER USER system privilege.Rather than specifying many individual system privileges, you can specify the roles CONNECT, RESOURCE, and DBA. Doing so is equivalent to auditing all of the system privileges granted to those roles.Oracle Database also provides three shortcuts for specifying groups of system privileges and statement options at once:ALL Specify ALL to audit all statements options shown in Table 13 1 but not the additional statement options shown in Table 13 2.ALL STATEMENTS Specify ALL STATEMENTS to audit all top level SQL statements executed. Top level SQL statements are issued directly by a user. SQL statements run from within a PL/SQL procedure or function are not considered top level statements. Therefore, this clause does not audit the statements executed within PL/SQL procedures or functions. However, the execution of the PL/SQL procedure or function itself is audited. This clause is useful if you want to audit all the statements in a specific environment, regardless of other auditing configurations that are system wide or user specific.ALL PRIVILEGES Specify ALL PRIVILEGES to audit system privileges.Specify the auditing_by_clause to restrict auditing to only SQL statements issued by the specified users. If you omit this clause, then Oracle Database audits all users' statements.Use this clause to limit auditing to the current session.Use the audit_schema_object_clause to audit operations on specific schema objects.Specify the SQL operation to be audited. Table 13 3 shows the types of objects that can be audited, and for each object the SQL statements that can be audited. For example, if you choose to audit a table with the ALTER operation, then Oracle Database audits all ALTER TABLE statements issued against the table. If you choose to audit a sequence with the SELECT operation, then the database audits all statements that use any values of the sequence.Specify ALL as a shortcut equivalent to specifying all SQL operations applicable for the type of object.The auditing_on_clause lets you specify the particular schema object to be audited."Auditing Queries on a Table: Example", "Auditing Inserts and Updates on a Table: Example", and "Auditing Operations on a Sequence: Example"schema Specify the schema containing the object chosen for auditing. If you omit schema, then Oracle Database assumes the object is in your own schema.object Specify the name of the object to be audited. The object must be a table, view, sequence, stored procedure, function, package, materialized view, mining model, or library.You can also specify a synonym for a table, view, sequence, procedure, stored function, package, materialized view, or user defined type.ON DEFAULT Specify ON DEFAULT to establish the specified object options as default object options for subsequently created objects. After you have established these default auditing options, any subsequently created object is automatically audited with those options. The default auditing options for a view are always the union of the auditing options for the base tables of the view. You can see the current default auditing options by querying the ALL_DEF_AUDIT_OPTS data dictionary view.When you change the default auditing options, the auditing options for previously created objects remain the same. You can change the auditing options for an existing object only by specifying the object in the ON clause of the AUDIT statement.Oracle Database Security Guide 11g Release 2 (11.2) for information on network auditing. Refer to Oracle Database Upgrade Guide for instructions on how to locate the Oracle Database 11g Release 2 (11.2) documentation.Use this clause to audit SQLLoader direct path loads.In earlier releases, BY SESSION caused the database to write a single record for all SQL statements or operations of the same type executed on the same schema objects in the same session. Beginning with this release of Oracle Database, both BY SESSION and BY ACCESS cause Oracle Database to write one audit record for each audited statement and operation.
BY SESSION continues to populate different values to the audit trail compared with BY ACCESS. Oracle recommends that you include the BY ACCESS clause for all AUDIT statements, which results in a more detailed audit record. If you specify neither clause, then BY ACCESS is the default.
Prev: oakley sunglasses clearance
Next: oakley sunglasses blue