Unified Audit Policy Wizard (Oracle)

From DBArtisan
Jump to: navigation, search

Go Up to Oracle Object Wizards

In unified auditing, the unified audit trail captures audit information from a variety of sources.

To create a new Unified Audit Policy using a wizard:

  1. Click Schema, and then click Audit Unified Policies.
  2. Use the following topics as a guide to setting properties and performing tasks as you pass through the wizard panels:
  3. Finally, use the Finish button to create the object.

Unified Audit Policy Wizard (Oracle) - Properties

When creating or editing a unified audit policy, this tab/panel allows you to set values on the following properties:

Property Description

Name

Specify the name of the unified audit policy that you want to create.

Audit Condition

Specify a condition that determines whether the unified audit policy is enforced.

Evaluate Option

Select whether you want the unified audit policy to evaluate the Audit Condition per statement, session, or instance.

  • Evaluate per statement evaluates the Audit Condition for each auditable statement. If the Audit Condition is TRUE, then the unified audit policy is enforced for the statement.
  • Evaluate per session evaluates the Audit Condition once for the first auditable statement executed during the session. If the Audit Condition is TRUE, then the unified audit policy is enforced for all applicable statements for the remainder of the session.
  • Evaluate per instance evaluates the Audit Condition once for the first auditable statement executed during the instance lifetime. If the Audit Condition is TRUE, then the unified audit policy is enforced for all applicable statements for the remainder of the lifetime of the instance.

Container

Specify the scope of the unified audit policy. Use ALL to create a common unified audit policy or use CURRENT to create a local unified audit policy.

Enable

Enables or disables the unified audit policy when added. By default, this checkbox is checked.

Unified Audit Policy Wizard (Oracle) - Roles

Specify one or more user- or pre-defined roles to be audited. This audits all system privileges granted directly to the role. For a list of predefined roles, refer to Oracle Database Security Guide.

Unified Audit Policy Wizard (Oracle) - Privileges

Select one or more system privileges for audit. SQL statements that require the system privilege(s) in order to succeed are audited. Note that you cannot audit the following system privileges: INHERIT ANY PRIVILEGES, SYSASM, SYSBACKUP, SYSDBA, SYSDG, SYSKM, SYSOPER, and TRANSLATE ANY SQL.

Unified Audit Policy Wizard (Oracle) - Component Actions

Specify one or more component actions to be audited. Components include:

  • DATAPUMP Audits actions for Oracle Data Pump.
  • DIRECT_LOAD Audits actions for Oracle SQL Loader Direct Path Load.
  • OLS Audits actions for Oracle Label Security.
  • XS Audits actions for Oracle Database Real Application Security.
  • DV Audits actions for Oracle Database Vault.

For more information about auditing these components, see Oracle Database Security Guide.

Note: Use the Standard Actions page to audit actions on standard RDBMS objects and system actions for the database.

Unified Audit Policy Wizard (Oracle) - Standard Actions

Specify one or more standard RDBMS objects and system actions for the database to be audited. Standard actions include:

  • SYSTEM_ACTION Audits system actions for the database. Use the ALL clause to audit all system actions for the database.
  • OBJECT_ACTION Audits actions on the specified object. Use the ALL clause to audit all standard actions on the specified object.

For more information about auditing these components, see Oracle Database Security Guide.

Note: Use the Component Actions page to audit component actions for the specified components.

Unified Audit Policy Wizard (Oracle) - User Configuration

Specify one or more user accounts to audit using the unified audit policy.