I want to enable auditing in my database. The auditing is very basic just to keep track of user logging and log out information.
But I have few concerns :-
1) Will it affect the database process? Will it causeany performance issue and space issue...
2) How long is the retention period? We know that audit logs can grow exponentially so i want to keep only 1 month audit log. How can this be achieved.
3) What sort of information are the audit logs tracking? Can it monitor level of detail that at least we know that my osuser id is using SYSTEM database user id. This would keep track of any unwanted user logging in the system using system/admin user ids which does not belong to them.
What i mean to say is if any system user is connecting using some TOAD or this kind of application then will it be recorded in AUDIT log.
The overheads of auditing only logins/logoffs will be minimal and should have no effect on the performance of the database. Audit records are retained indefinitely until manually cleared down or purged by an automated script. This can be set to clear down data older than a month.
The audit records will include the client's hostname, oracle username, os username and the program being run, any of which can be used to track who is logging on and from where.