Dear Team,
We are collecting audit logs from Oracle 11g (11.2.0.4.0) into a syslog server/SIEM solution for log monitoring and analysis.
For this we need to edit the parameter audit_trail to os,db etc.
But unfortunately, we are unable to find the file initORACLE_SID.ora, in which the audit_trail parameter is edited.
This file is missing in Oracle 11g.
Also, we tried to run the command - alter system set audit_trail=os scope=spfile;
after running this command, we are getting error - "insufficient privileges", where as we are logging in as admin, sysdba.
Attaching the screenshot below:

Can i request your help here in the above 2 scenarios.
I am from security background, need your help on the database part. Would be much appreciated.
Best Regards,
Praveen Kamble