
Security
|
107
Auditing
Just as monitoring resource usage is an important way to
understand performance issues, auditing is a way to track
usage in the database and to become aware of potential secu-
rity issues.
For some time, Oracle has allowed three different types of
auditing:
Statement auditing
Audits the statements issued on the database for specific
users or for all users.
Privilege auditing
Audits the use of system privileges for specific users or
for all users.
Schema object auditing
Audits a specific set of SQL statements on a particular
schema object.
Oracle9i Database and Oracle Database 10g also allow a
fourth type of auditing, called fine-grained auditing, which is
explained later, in the “Fine-grained auditing” section.
For all types of auditing, Oracle writes audit records to one
of these locations: a database audit trail; the SYS.FGA_
LOG$ table; or an operating system file (in binary format).
The audit trail records contain different information,
depending on the type of auditing and the options set for the
auditing.
Whether or not auditing is enabled for your Oracle data-
base, the following actions always generate records for the
operating system audit trail:
• Instance startup
• Instance shutdown
• Access by users with administrator privileges