12c Unified Auditing (12c New Features)

Unified Audit (12c New Features)
-------------------------------------------
new parameter:
UNIFIED_AUDIT_SGA_QUEUE_SIZE (1 MB to 30MB) is introduced.
This parameter configures the size of SGA queue for unified auditing.
UNIFIED AUDIT:
-----------------------
QUEUED Mode (default). Audit records stored in the SGA and periodically flushed.
Immediate: Audit records written immediately.
Roles:
-------
 AUDIT_ADMIN and AUDIT_VIEWER to administer unified auditing.

Create auditing policy
-----------------------
SQL> create audit policy mono_audit
  privileges
   alter database, select any table
  actions
   logon, select on HR.employees;  2    3    4    5 
Audit policy created.

SQL> audit policy mono_audit;
Audit succeeded.

ENABLE AUDIT POLICY
---------------------------------
enable audit for all users
SQL>  audit policy  mono_audit ;
Audit succeeded.

Check Audit :
-----------------------
SQL> select POLICY_NAME,AUDIT_CONDITION from audit_unified_policies where POLICY_NAME like '%MONO%';
POLICY_NAME   AUDIT_CONDITION
---------------------------------------------------
MONO_AUDIT         NONE

Check Enable Audit Policy
----------------------------------
select policy_name,user_name from audit_unified_ENABLED_POLICIES ;
SQL>
POLICY_NAME          USER_NAME
--------------------------------
MONO_AUDIT         TEST
ORA_SECURECONFIG        ALL USERS
MONO_AUDIT  ALL USERS

Manual Flush
-------------------
if the audit trail mode is set to QUEUED, then audit records are not written to disk till the time memory queues become full.
SQL>  EXEC DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL;
PL/SQL procedure successfully completed.

View audit trail records
--------------------------
Data is stored in the AUDSYS schema and SYSAUX tablespace.
SQL>  alter system set audit_trail=XML scope=spfile;
System altered.
SQL> SELECT  SCN, SQL_TEXT FROM UNIFIED_AUDIT_TRAIL where DBUSERNAME='SYS' and sql_text like 'alter system%';
       SCN SQL_TEXT
---------- --------------------------------------------------------------------------------
   1732822 alter system set audit_trail=XML scope=spfile

DISABLE POLICY
------------------
SQL> NOAUDIT POLICY mono_audit;
Noaudit succeeded.

DROP POLICY
------------
SQL> DROP AUDIT POLICY mono_audit;
Audit Policy dropped.

Comments

Post a Comment

Popular posts from this blog

Oracle DataGuard – How to resize Redo Log and Standby Redo Log

Oracle DataGuard – How to resize Redo Log and Standby Redo Log set linesize 200 col dest_name for a30 select DEST_NAME,STATUS,PROTECTION_MODE,ARCHIVED_SEQ#,APPLIED_SEQ# from v$archive_dest_status; On Standby server - make file management parameter to manual if not: show parameter standby; alter system set standby_file_management=manual; ================== +     On Primary             + ==================  SQL> select group#,thread#,status from v$log; col member for a60 set linesize 200 select member,group#,status from v$logfile; SQL> select group#,thread#,status from v$log;     GROUP#    THREAD# STATUS ---------- ---------- ----------------          1          1 ACTIVE          2       ...
Read more

Exadata - Smart Scan Testing

Image
Exadata - SMART SCAN testing -------------------------------------------- Samrt scan works with cell offloading which relate to offloaded the sql processing from the database layer to the cell (storage) layer. Smart scan is the access mechanism to offload data from storage layer. For example passing only required data blocks after applying predicate filters at the cell layer instead of sending every possible blocks from cell server to database server.                           Figure 1: Traditional Database Storage I/O and SQL Processing Model   Process Steps: ------------------- 1.    The client issues a SELECT statement . 2.    The database kernel maps this request to the database files and extents which contain the table data. 3.    The database kernel issues the I/Os to read all the table bloc...
Read more

Exadata Flash Cache - Management

Total size of Flash CellCLI>  list flashcache attributes effectiveCacheSize          5.82122802734375T Flashcache Mode:  [root@Cellc01-adm ~]# su - celladmin cellcli CellCLI>  list cell attributes flashCacheMode,status          WriteThrough    online > list celldisk where disktype=flashdisk > list physicaldisk FLASH_1_1 detail List PhysicalDisk for FlashCache: CellCLI> list physicaldisk attributes name, disktype, makemodel, physicalrpm, physicalport, status      8:0           HardDisk      "HGST    H7240AS60SUN4.0T"                              normal      8:1  ...
Read more