Step 1: Run the following query. Value for below query should be TRUE.
select value from v$option where parameter = 'Unified Auditing';
Step 2 : As sysdba run the below
CREATE AUDIT POLICY SCOTT_DEPT_POL
ACTIONS DELETE on SCOTT.DEPT,
INSERT on SCOTT.DEPT,
UPDATE on SCOTT.DEPT;
AUDIT POLICY SCOTT_DEPT_POL;
Step 3: Check whether the policy was created
set linesize 200
column object_schema format a15
column object_name format a35
column object_type format a12
column audit_option format a15
column condition_eval_opt format a10
column audit_condition format a50
select object_schema,
object_name,
object_type,
audit_option,
condition_eval_opt,
audit_condition
from audit_unified_policies
where policy_name = 'SCOTT_DEPT_POL';
Step 4: Check if new records have been created in audit trail.
set linesize 200
column object_schema format a15
column object_name format a15
column action_name format a20
select event_timestamp,
dbusername,
action_name,
object_schema,
object_name
from unified_audit_trail
where OBJECT_NAME = 'DEPT' and event_timestamp > SYSDATE - 1
order by 1;
NOTE: You might need to flush the audit information before it is visible.
EXEC DBMS_AUDIT_MGMT.flush_unified_audit_trail;
No comments:
Post a Comment