Configuring unified auditing for Oracle Database
When you configure unified auditing for use with database activity streams, the following situations are possible:
-
Unified auditing isn't configured for your Oracle database.
In this case, create new policies with the
CREATE AUDIT POLICY
command, then activate them with theAUDIT POLICY
command. The following example creates and activates a policy to monitor users with specific privileges and roles.CREATE AUDIT POLICY table_pol PRIVILEGES CREATE ANY TABLE, DROP ANY TABLE ROLES emp_admin, sales_admin; AUDIT POLICY table_pol;
For complete instructions, see Configuring Audit Policies
in the Oracle Database documentation. -
Unified auditing is configured for your Oracle database.
When you activate a database activity stream, RDS for Oracle automatically clears existing audit data. It also revokes audit trail privileges. RDS for Oracle can no longer do the following:
-
Purge unified audit trail records.
-
Add, delete, or modify the unified audit policy.
-
Update the last archived timestamp.
Important
We strongly recommend that you back up your audit data before activating a database activity stream.
For a description of the
UNIFIED_AUDIT_TRAIL
view, see UNIFIED_AUDIT_TRAIL. If you have an account with Oracle Support, see How To Purge The UNIFIED AUDIT TRAIL . -