Auditing Type Description
Statement auditing Audits SQL statements by the type of statement regardless of the
specific schema objects being accessed. One or more users can
also be specified in the database to be audited for a particular
statement.
Privilege auditing Audits system privileges, such as CREATE TABLE or ALTER
INDEX. As with statement auditing, privilege auditing can
specify one or more particular users as the target of the audit.
Schema object auditing Audits specific statements operating on a specific schema
object (for example, UPDATE statements on the DEPARTMENTS
table). Schema object auditing always applies to all users in the
database.
Fine-grained auditing Audits table access and privileges based on the content of the
objects being accessed. Uses the package DBMS_FGA to set up
a policy on a particular table.
TABLE 9-16 Auditing Types
332 Oracle Database 11g DBA Handbook
The parameter AUDIT_TRAIL is not dynamic; the database must be shut down and restarted
for a change in the AUDIT_TRAIL parameter to take effect. When auditing to the SYS.AUD$ table,
the size of the table should be carefully monitored so as not to impact the space requirements for
other objects in the SYS tablespace. It is recommended that the rows in SYS.AUD$ be periodically
archived and the table truncated. Oracle provides the role DELETE_CATALOG_ROLE to use with
a special account in a batch job to archive and truncate the audit table.
Pages:
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546