Chapter 10. Developing an Audit Plan

Database auditing is the monitoring and recording of activities occurring within a database. You typically audit to ensure that no unauthorized users are removing data from the data dictionary or accessing tables they should not have the privileges to see. You might also want to audit specific tables that help you determine the volume of accesses occurring at peak times. This type of auditing is helpful in analyzing trends and evaluating system performance.

The Oracle RDBMS provides functions that let you audit most actions that can be taken within and against the database. These actions can include (but are not limited to) the following:

  • Viewing, modifying, or removing information from tables

  • Creating or removing objects like tables, indexes, views, procedures, triggers, etc.

  • Executing programs

This standard Oracle functionality does not support auditing at the row level. In other words, through standard auditing, you can audit actions that have been performed against a table, but not what has changed in a specific row of that table. To gain the ability to monitor who has changed a specific row of a table or exactly what action was taken against a row of a table, custom code is required; we’ll show you an example of such code in Chapter 11.

Note

This chapter mainly discusses the standard auditing functionality of Oracle. Where appropriate, we’ll mention custom approaches that you might want to take to extend this capability.

There are many schools ...

Get Oracle Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.