Monday, 18 December 2017

What exactly is being audited in the DB?

A very nice site, with a clear explanation:

http://www.acehints.com/2012/12/how-to-check-what-is-getting-being.html

Below mentioned 3 data dictionary views can be used to fetch the details of the auditing.
  1. dba_obj_audit_optsData dictionary view will give the details of auditing options on all objects.user_obj_audit_opts view will provide the details of the auditing enabled on the objects on the particular user session connected

  1. dba_priv_audit_opts: Data dictionary view describes the current system privileges being audited across the database and by the user. The column username can be used to find the details user wise. The column value will be NULL for system-wide auditing

Example:
SQL> select * from DBA_PRIV_AUDIT_OPTS
SQL> /
USER_NAME  PROXY_NAME PRIVILEGE                      SUCCESS    FAILURE
---------- ---------- ------------------------------ ---------- ----------
                      CREATE EXTERNAL JOB            BY ACCESS  BY ACCESS
                      CREATE ANY JOB                 BY ACCESS  BY ACCESS
                      GRANT ANY OBJECT PRIVILEGE     BY ACCESS  BY ACCESS
                      EXEMPT ACCESS POLICY           BY ACCESS  BY ACCESS

  1. dba_stmt_audit_opts: Data dictionary view describes the current system auditing options across the database and by the user. The column username can be used to find the details user wise. The column value will be NULL for system-wide auditing

Example
SQL> select * from dba_stmt_audit_opts;

USER_NAME  PROXY_NAME AUDIT_OPTION                             SUCCESS    FAILURE
---------- ---------- ---------------------------------------- ---------- ----------
                      PROFILE                                  BY ACCESS  BY ACCESS
                      ROLE                                     BY ACCESS  BY ACCESS
                      DATABASE LINK                            BY ACCESS  BY ACCESS
                      PUBLIC SYNONYM                           BY ACCESS  BY ACCESS