Differences

This shows you the differences between two versions of the page.

--- unifiedauditing [2015/07/21 14:47] – created z0hpvk
+++ unifiedauditing [2025/03/08 22:24] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-==== Unified Auditing ====
+===== Unified Auditing =====
-=== Check if Enabled ===
+==== Check if Enabled ====
 <code>select VALUE from V$OPTION
 where PARAMETER='Unified Auditing';</code>
-=== Enable ===
+==== Enable ====
   * Shutdown Database
   * cd $ORACLE_HOME/rdbms/lib
   * make -f ins_rdbms.mk uniaud_on ioracle
   * set AUDIT_TRAIL = NONE, otherwise both auditing mechanisms will run concurrently
+  * Start Database
+==== Configuration ====
+Records are written to the SGA queues and then periodically written to tables in the AUDSYS schema.\\
+If it is required that the audit details are immediately written to the tables then ...
+<code>BEGIN
+ DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY (
+  DBMS_AUDIT_MGMT.AUDIT_TRAIL_UNIFIED,
+  DBMS_AUDIT_MGMT.AUDIT_TRAIL_WRITE_MODE,
+  DBMS_AUDIT_MGMT.AUDIT_TRAIL_IMMEDIATE_WRITE);
+END;</code>
+When the database is in READ ONLY mode then audit records are written to $ORACLE_BASE/audit/$ORACLE_SID\\
+These files can then be later loaded into the database by ...
+<code>BEGIN
+ DBMS_AUDIT_MGMT.LOAD_UNIFIED_AUDIT_FILES;
+END;</code>
+==== Create Unified Audit Policy ====
+Create and enable an audit policy which will audit the creation of tables and sequences by user IAN.
+<code>CREATE AUDIT POLICY ian_audit_policy
+  PRIVILEGES CREATE TABLE, CREATE SEQUENCE
+  WHEN    'SYS_CONTEXT(''USERENV'', ''SESSION_USER'') = ''IAN'''
+  EVALUATE PER SESSION
+  CONTAINER = CURRENT;
+AUDIT POLICY ian_audit_policy;</code>
+==== Predefined Audit Policies ====
+  * ORA_SECURECONFIG (Enabled by default)
+  * ORA_DATABASE_PARAMETER
+  * ORA_ACCOUNT_MGMT