Oracle Database

Page 169

Managing the Database Audit Trail

Footnote 2: Process number is populated as ProcessId on UNIX systems. On Windows systems, the label is ProcessId:ThreadId (or ProcessId if it is not running as a thread). Note: If the AUDIT_TRAIL initialization parameter is set to XML or XML, EXTENDED, then Oracle Database sends standard audit records to operating system files in XML format. Because XML is a standard document format, many utilities are available to parse and analyze XML data.

If the database destination for audit records becomes full or unavailable, and, therefore, unable to accept new records, then an audited action cannot complete. Instead, Oracle Database generates an error message and does not audit the action. In most cases, using an operating system log as the audit trail destination allows the action to complete. See Also: ■ ■

"Keeping Audited Information Manageable" on page 10-15 "Controlling the Growth and Size of the Standard Audit Trail" on page 6-17

The audit trail does not store information about any data values that might be involved in the audited statement. For example, old and new data values of updated rows are not stored when an UPDATE statement is audited. However, this specialized type of auditing can be performed using fine-grained auditing methods. The DBA_COMMON_AUDIT_TRAIL view combines standard and fine-grained audit log records. You can use the Flashback Query feature to show the old and new values of the updated rows, subject to any auditing policy presently in force. The current policies are enforced even if the flashback is to an old query that was originally subject to a different policy. Current business access rules always apply. See Also: ■

"Using Fine-Grained Auditing to Monitor Specific Activities" on page 6-38 for more information about methods of fine-grained auditing Oracle Database Administrator's Guide for information about auditing table changes by using Flashback Transaction Query Flashback entries in the table of system privileges listed in the GRANT SQL statement section of Oracle Database SQL Language Reference

Note: To read from FLASHBACK_TRANSACTION_TABLE or

V$LOGMNR_CONTENTS, you need to have the SELECT ANY TRANSACTION system privilege.

Configuring Auditing

6-7

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.