DBA_AUDIT_TRAIL
displays all standard audit trail entries.
Note:
This view is populated only in an Oracle Database where unified auditing is not enabled. When unified auditing is enabled in Oracle Database, the audit records are populated in the new audit trail and can be viewed from UNIFIED_AUDIT_TRAIL
.
See Oracle Database Security Guide for more information about unified auditing.
See Oracle Database Upgrade Guide for more information about migrating to unified auditing.
Related View
USER_AUDIT_TRAIL
displays the standard audit trail entries related to the current user.
Column | Datatype | NULL | Description |
---|---|---|---|
|
|
Operating system login username of the user whose actions were audited |
|
|
|
Name (not ID number) of the user whose actions were audited |
|
|
|
Client host machine name |
|
|
|
Identifier of the user's terminal |
|
|
|
Date and time of the creation of the audit trail entry (date and time of user login for entries created by |
|
|
|
Creator of the object affected by the action |
|
|
|
Name of the object affected by the action |
|
|
|
|
Numeric action type code. The corresponding name of the action type is in the |
|
|
Name of the action type corresponding to the numeric code in the |
|
|
|
Owner of the object named in the |
|
|
|
New name of the object after a |
|
|
|
Object privileges granted or revoked by a |
|
|
|
System privileges granted or revoked by a |
|
|
|
Indicates whether the role or system privilege was granted with the |
|
|
|
Name of the grantee specified in a |
|
|
|
Auditing option set with the |
|
|
|
Session summary (a string of 16 characters, one for each action type in the order
|
|
|
|
Date and time of user log off |
|
|
|
Logical reads for the session |
|
|
|
Physical reads for the session |
|
|
|
Logical writes for the session |
|
|
|
Deadlocks detected during the session |
|
|
|
Text comment on the audit trail entry, providing more information about the statement audited Also indicates how the user was authenticated. The method can be one of the following:
|
|
|
|
|
Numeric ID for each Oracle session. Each user session gets a unique session ID. |
|
|
|
Numeric ID for each audit trail entry in the session. The entry ID is an index of a session's audit entries that starts at 1 and increases to the number of entries that are written. |
|
|
|
nth statement in the user session. The first SQL statement gets a value of 1 and the value is incremented for each subsequent SQL statement. Note that one SQL statement can create more than one audit trail entry (for example, when more than one object is audited from the same SQL statement), and in this case the statement ID remains the same for that statement and the entry ID increases for each audit trail entry created by the statement. |
|
|
|
Oracle error code generated by the action. Some useful values:
|
|
|
System privilege used to execute the action |
|
|
|
Client identifier in each Oracle session |
|
|
|
Application execution context identifier |
|
|
|
Amount of CPU time used by each Oracle session |
|
|
|
Timestamp of the creation of the audit trail entry (timestamp of user login for entries created by |
|
|
|
Proxy session serial number, if an enterprise user has logged in through the proxy mechanism |
|
|
|
Global user identifier for the user, if the user has logged in as an enterprise user |
|
|
|
Instance number as specified by the |
|
|
|
Operating System process identifier of the Oracle process |
|
|
|
Transaction identifier of the transaction in which the object is accessed or modified |
|
|
|
System change number (SCN) of the query |
|
|
|
Bind variable data of the query |
|
|
|
SQL text of the query |
|
|
|
Name of the edition containing the audited object |
|
|
|
Database identifier of the audited database |
Note:
The SQL_BIND
and SQL_TEXT
columns are only populated if the AUDIT_TRAIL
initialization parameter is set to db
, extended
.
See Also: