Oracle Database 26ai will be available on generic Linux platforms in January and soon on AIX and Windows
Purpose
Fine Grained Auditing is policy based conditional auditing that can be based on specific columns and specific column values.
DB Audit wends the audit trail to the SYS.FGA_LOG$ table in the database and omits SQL Text and SQL Bind.
XML Audit writes the audit trail in XML files sent to the operating system and omits SQL Text and SQL Bind.
SELECT name, value
FROM gv$parameter
WHERE name LIKE '%audit%';
NAME VALUE
------------------------------ ----------------------------------------
audit_sys_operations TRUE
audit_file_dest /u01/app/oracle/admin/test21db_iad25g/adump
audit_syslog_level
unified_audit_systemlog
unified_audit_common_systemlog
audit_trail DB
Pragmas
PRAGMA SUPPLEMENTAL_LOG_DATA(default, AUTO)
Security Model
Owned by SYS with EXECUTE granted to the AUDIT_ADMIN, EXECUTE_CATALOG_ROLE and OGG_APPLY_PROCREP roles.
dbms_fga.add_policy(
object_schema IN VARCHAR2 := NULL,
object_name IN VARCHAR2,
policy_name IN VARCHAR2,
audit_condition IN VARCHAR2 := NULL,
audit_column IN VARCHAR2 := NULL,
handler_schema IN VARCHAR2 := NULL,
handler_module IN VARCHAR2 := NULL, -- alerting mechanism
enable IN BOOLEAN := NULL,
statement_types IN VARCHAR2 := 'SELECT',
audit_trail IN PLS_INTEGER := 3,
audit_column_opts IN BINARY_INTEGER DEFAULT 0,
policy_owner IN VARCHAR2 := NULL);
GRANT EXECUTE ON dbms_fga TO uwclass;
GRANT select ON dba_audit_policies TO uwclass;
GRANT select ON dba_fga_audit_trail TO uwclass;
col name format a30
col value format a40
SELECT name, value
FROM gv$parameter
WHERE name LIKE '%audit%';
ALTER SYSTEM SET audit_sys_operations = TRUE SCOPE=SPFILE;
-- will require a restart so change it back
ALTER SYSTEM SET audit_sys_operations = FALSE SCOPE=SPFILE;
-- ALTER SYSTEM SET audit_file_dest = <dir> DEFERRED;