Audit logs required for Oracle Analytics Server > Administration > Manage privileges
Because the privileges are stored in the catalog, if the fields of "modified_by_name" and "modified_by_type" would behave like everything else in the catalog, the job would be done already and could be tracked with database auditing.
But apparently for the privileges these attributes of the catalog objects stay null all the time (while "modified_time" is correct).
Can you please provide the schema and table name where we can find the details in Database
It's the main catalog table css_si_files in the biplatform schema. But as said, the privileges are missing that info on the modification.
We do not have event-based audit for these privileges but you can run periodic reports to list who has these privileges. Please review the OAS docs for using runcat to report classic privileges:
https://docs.oracle.com/en/middleware/bi/analytics-server/security-oas/use-runcat-manage-security-tasks-presentation-catalog.html
Alternatively you can use the SOAP API getGlobalPrivileges: https://docs.oracle.com/middleware/12213/biee/BIEIT/methods.htm#i1009858
Creating queries against the BIPlatform schema to reverse engineer a solution is not a supported approach so at your own risk.
I've marked this Idea as 'current capability' although I accept there is no event-based audit.
