Ask the Expert

Understanding the Audit Trail

Where is the Audit Trailand how does it work?

    Requires Free Membership to View

The Audit Trail is kept in an internal table, SYS.AUD$ or in an external file to the database. Which is used depends on the AUDIT_TRAIL initialization parameter. Many people keep the audit trail records in the SYS.AUD$ for safe keeping. Before you can use it, you have to set the AUDIT_TRAIL initialization parameter to DB or TRUE and then bounce your database. Then, you have to tell the database what to audit. This is done with the AUDIT command. You can audit database access or access to specific tables. Oracle9i also introduces fine-grained auditing where you can audit access to specific records in specific rows. Once you've set up auditing and told the database what to audit, everytime that condition is met, a record is placed in the audit trail. You can query the audit trail, if it is in SYS.AUD$, by query the DBA_AUDIT_* views.

One of Oracle's best experts on database security is Pete Finnigan. He has a Web site with plenty of examples and white papers on auditing in an Oracle database.

This was first published in May 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: