Oracle Database 12c Logo

Traditional Database Auditing


Oracle Database provides robust audit support in both the Enterprise and Standard Edition of the database. Audit records include information about the operation that was audited, the user performing the operation, and the date and time of the operation. Audit records can be stored in the database audit trail or in files on the operating system. Standard auditing includes operations on privileges, schemas, objects, and statements.

Oracle recommends that the audit trail be written to the operating system files as this configuration imposes the least amount of overhead on the source database system. To enable database auditing, the initialization parameter, AUDIT_TRAIL, should be set to one of these values:

AUDIT_TRAIL settings
Parameter Value Meaning
DB Enables database auditing and directs all audit records to the database audit trail (SYS.AUD$), except for records that are always written to the operating system audit trail
DB,EXTENDED Does all actions of AUDIT_TRAIL=DB and also populates the SQL bind and SQL text columns of the SYS.AUD$ table
XML Enables database auditing and directs all audit records in XML format to an operating system file
XML,EXTENDED Does all actions of AUDIT_TRAIL=XML, adding the SQL bind and SQL text columns
OS (recommended) Enables database auditing and directs all audit records to an operating system file

In addition, the following database parameters should be set:

 init.ora parameter: AUDIT_FILE_DEST — Dynamic parameter specifying the location of the operating system audit trail. The default location on Unix/Linux is $ORACLE_BASE/admin/$ORACLE_SID/adump. The default on Windows is the event log. For optimal performance, it should refer to a directory on a disk that is locally attached to the host running the Oracle instance.
 init.ora parameter: AUDIT_SYS_OPERATIONS — Enables the auditing of operations issued by user SYS, and users connecting with SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSKM and SYSDG privileges. The audit trail data is written to the operating system audit trail. This parameter should be set to true.

For more information and best practices on Oracle Database Auditing please read the best practices paper on the Oracle Audit Vault OTN page. Detailed information on database auditing can be found in the introductory Oracle Database 2 Day + Security Guide and the Oracle Database Security Guide.


Security Solutions


Oracle Database Vault
Oracle Advanced Security
Oracle Label Security
Oracle Audit Vault and Database Firewall
Data Masking

Security Features


Strong Authentication
Network Encryption
Real Application Security
Unified Auditing
Secure External Password Store
Virtual Private Database
Traditional Database Auditing
Proxy Authentication
Enterprise User Security
Secure Application Roles
Fine Grained Auditing

Customer Successes


Industry leading organizations globally rely on Oracle Database Security Solutions to protect data privacy, address insider threats, and meet regulatory compliance - without changes to their existing applications, saving time and money.
Database Security Customers

Discussion Forums


Security
Oracle Audit Vault and Database Firewall

In-Memory Replay Banner