Oracle auditing setup and configuration

Oracle auditing setup & configuration
The Oracle audit command is used to to create specific audit trails for Oracle tables. to enable Oracle auditing you must set the initialization parameter "audit_trail = true" and run the cataudit.sql scripts (as SYS).
Managing Oracle audit trails
The Oracle audit command write the audit information to specific data dictionary views (BEWARE: These audit trail rows can quickly fill-up your SYSTEM tablespace, and special care needs to be taken to ensure that you do not "lock-up" your database fill filling the SYSTEM tablespace.
• dba_audit_exists
• dba_audit_object
• dba_audit_session
• dba_audit_statement
• dba_audit_trail
We also have these metadata views for Oracle auditing options:
• dba_obj_audit_opts
• dba_priv_audit_opts
• dba_stmt_audit_opts
Auditing the audit trail
Auditing the audit trail
Today, we need to audit the audit trail itself to prevent "inside jobs" and this Oracle command will record all changes to the audit trail. See my notes on the types of "inside jobs"
audit
delete,
insert,
update
on
sys.aud$
by access;
Auditing user activity with the Oracle audit command
Oracle has syntax for auditing specific user activity. To audit the activity of user FRED we could issue these audit commands: