O'Reilly logo

Oracle Security by Marlene Theriault, William Heney

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Where to Audit

Once you’ve decided to enable some form of auditing, you next have to decide where the audit information will be stored. If the operating system supports an audit trail that’s stored outside the database, you can write the audit trail either directly to an operating system file or to the database.

Two INIT.ORA parameters control the auditing actions:

AUDIT_FILE_DEST

Tells Oracle the directory name in which the audit trail is to be written. The default value for this parameter is $ORACLE_HOME/RDBMS/AUDIT.

AUDIT_TRAIL

Enables or disables auditing.

As a value for AUDIT_TRAIL, specify one of these values: “NONE,” “OS,” or “DB.” If you specify “NONE” (the default), no non-default auditing will occur. If you specify “OS,” system-wide auditing will be turned on and the results written to a file in the AUDIT_FILE_DEST directory. The information written to the operating system file will be encoded and is not readable. If you specify “DB,” system-wide auditing will be enabled and the results stored in the SYS.AUD$ table in the sys schema in an unencoded, readable format.

Oracle supplies several views against the SYS.AUD$ table to make viewing of the audit information easier. Oracle-supplied tools, such as SQL*Plus, can be used to generate reports about the auditing outcome.

About the SYS.AUD$ Table

Because the SYS.AUD$ table is owned by sys, the values are stored in the system tablespace. High audit activity results in fragmentation of the system tablespace — not a good ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required