11-Managing Privileges

All audit records to the database audit trail sysaud

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: atabase audit trail (SYS.AUD$) OS enables auditing and directs all audit records to the operating system audit trail NONE disables auditing (this is the default value) Managing Privileges Tathagata Bhattacharjee Auditing options Statement Auditing This is the selective auditing of SQL statements, not the specific object on which it operates E.g., AUDIT TABLE tracks several DDL statements regardless of the table on which they are issued You can set statement auditing to audit selected users or every user in the database SQL> AUDIT TABLE; Managing Privileges Tathagata Bhattacharjee Privilege auditing This is the selective auditing of system privileges to perform corresponding actions such as AUDIT CTREATE ANY TRIGGER. You can set privilege auditing to audit a selected user or every user in the database SQL> AUDIT create any trigger; Managing Privileges Tathagata Bhattacharjee Schema object auditing This is the selective auditing of specific statements on a particular schema object such as AUDIT SELECT ON hr.employee. Schema object auditing always applies to all users of the database SQL> AUDIT SELECT ON hr.employee; Managing Privileges Tathagata Bhattacharjee You can specify any auditing option and specify the following conditions: WHENEVER SUCCESSFUL / WHENEVER NOT SUCCESSFUL BY SESSION / BY ACCESS Managing Privileges Tathagata Bhattacharjee Viewing Auditing Options (Data Dictionary Views) ALL_DEF_AUDIT_OPTS Default audit option DBA_STMT_AUDIT_OPTS Statement auditing options DBA_PRIV_AUDIT_OPTS Privilege auditing options DBA_OBJ_AUDIT_OPTS Schema objects auditing options Managing Privileges Tathagata Bhattacharjee Obtaining Audit Records (Data Dictionary Views) DBA_AUDIT_TRAIL • All audits trail entries DBA_AUDIT_EXISTS • Records for AUDIT EXISTS/NOT EXISTS DBA_AUDIT_OBJECT • Records concerning schema objects DBA_AUDIT_SESSION • All connect and disconnect entries DBA_AUDIT_STATEMENT • Statement auditing records Managing Privileges Tathagata Bhattacharjee THANK YOU Managing Privileges Tathagata Bhattacharjee...
View Full Document

Ask a homework question - tutors are online