2 Replies Latest reply: Oct 13, 2010 1:53 PM by 804309 RSS

    enable audit for all user

    804309
      Hi,

      I'm studying how to enable audit in oracle Database 11g r2.

      I found that if i wirte in *init${ORACLE_SID}.ora*:

      *.audit_trails='os'
      *.audit_syslog_level='local0.info'

      the audit logs will be sent to OS syslog with local0.info facility.

      My question is:

      Can i enable audit logs for all users (including admins) unlike the "application" user?

      Thanks
        • 1. Re: enable audit for all user
          Lubiez Jean-Valentin
          Hello,


          Yes, you can AUDIT even SYS Administrative User.

          Please, find below some documentations about how to enable auditing. The second link is far more detailed:

          http://download.oracle.com/docs/cd/E11882_01/server.112/e10575/tdpsg_auditing.htm#BCGGIAIC
          http://download.oracle.com/docs/cd/E11882_01/network.112/e16543/auditing.htm#BCGIDBFI


          Hope this help.
          Best regards,
          Jean-Valentin
          • 2. Re: enable audit for all user
            804309
            Hi,

            I try to enable audit in syslog for all users, but it doesn't work.

            If i run:

            SQL> SHOW PARAMETER AUDIT

            NAME TYPE VALUE
            ------------------------------------ ----------- ------------------------------
            audit_file_dest string /oradata/auditlogs
            audit_sys_operations boolean TRUE
            audit_syslog_level string LOCAL0.INFO
            audit_trail string OS

            I configure to send all audit information in syslog with local0.info facility.

            It works for al SYS (in log i see select, update, ec...) but i i try to connect with a new user it doesn't work.

            I try to add:
            AUDIT ALL BY myuser BY ACCESS;

            For myuser i see only login/logoff

            Any ideas?

            Thanks