Oracle Database auditing with Oracle unified auditing

For any company requiring auditing requirements for their Oracle databases they should consider using Oracle's unified auditing. And, accordingly to our Oracle Specalist and Client Delivery Lead Brad Smith, here's why:
Facebook-f Twitter Youtube Linkedin
azure blob storage Azure Blobfuse Oracle Database Oracle backup
Picture of Written by Brad Smith

Written by Brad Smith

Client Delivery Lead for Oracle at Blue Crystal Solutions

How to use Oracle Unified Auditing to meet your auditing requirements for Oracle Database

For any company requiring auditing requirements for their Oracle database or databases they should consider using Oracle’s unified auditing. And here’s why:

Oracle unified auditing is a new auditing feature which was introduced first in Oracle 12.1 and is now Oracle’s recommended auditing option. Traditional auditing is deprecated from Oracle 21c. There are many reasons to add auditing to your database, these could be and not limited to – notification of unauthorized changes to important data, deter users, suspicious activity, unauthorized use of database and many other reasons. To enable unified auditing it requires the relinking of the Oracle binaries with the new uniaud_on and a restart of the instances.  It is highly recommended to place auditing inside it’s own tablespace, this can be done by allocating a tablespace for the unified auditing data. The audit trail and audit policies can be maintained by those users granted the AUDIT_ADMIN role.  For users that need to view the audit information, the AUDIT_VIEWER role can be assigned.

Oracle unified auditing advantages:
  • Single unified audit trail, simplifies managing multiple audit trails.
  • Predefined audit policies which may be useful out of the box.
  • Easily create audit policies to suit your company’s auditing requirements.
  • Auditing performance is improved for both reads and writes (12.2+).  Performance impacts are lower than traditional auditing.
  • Once enabled unified auditing is always on, no more needing to set different initialization parameters.
Oracle unified auditing recommendations:
  • Keep unified auditing in a separate tablespace.
  • Consider a retention policy for your auditing information.
  • Target auditing that is required only, collecting unnecessary audit information increases impacts on performance and increases storage use.

Some handy SQL to check whether Unified Auditing is enabled and currently in use:

Determine whether unified auditing is enabled within the database:

SELECT value from v$option where parameter = ‘Unified Auditing’;

Checking which policies are enabled:

SELECT policy_name, enabled_opt, user_name FROM audit_unified_enabled_policies

Check the default policies and conditions for pre-defined policies ORA_SECURECONFIG and ORA_LOGON_FAILURES:

SELECT policy_name,audit_option,condition_eval_opt,audit_condition FROM audit_unified_policies WHERE  policy_name in (‘ORA_SECURECONFIG’,’ORA_LOGON_FAILURES’) order by 1;

Oracle
Our Oracle Expertise

BCS has been Oracle Partners since our beginning in 2004. Our long history has enabled us to become experts in Oracle technology and the innovations their tools can enable. We’ve compiled a series of tech articles and case studies to demonstrate exactly that.

LEARN MORE
We're here to help.
NEWS
CONTACT US
Facebook-f Twitter Youtube Linkedin

Learn More.

ALL NEWS
Oracle Technical Consultant Marketing Assistant

Join Us: Oracle Technical Consultant

Blue Crystal Solutions is growing and are looking for an experienced Technical Consultant to join our Adelaide office. We are after a candidate who is willing to work as part of a team to deliver exceptional outcomes for our business and our customers.

Read More »
Daniel Cox holds award for Database Migration and Database security work for Comviva

Award Winning: Blue Crystal Solutions wins Customer Award for leading the way in Database Security

In an era where data breaches and security threats loom, the significance of robust database security cannot be overstated. Blue Crystal Solutions, a pioneer in database management and security, has once again demonstrated its unparalleled expertise and commitment to safeguarding digital assets.

Read More »
Oracle Technical Consultant Marketing Assistant

Join Us: Part-Time Marketing Assistant

We are looking for a motivated and creative individual to join our small marketing team on a part-time basis (up to .6 FTE/ 3 days a week) for a 12 month fixed term contract. The ideal candidate will be a marketing student nearing graduation or a recent marketing graduate, eager to apply their skills and knowledge in a real-world setting. As a Marketing Assistant, you will support the development and execution of marketing campaigns, enhancing brand awareness, and driving engagement across various channels.

Read More »

Blue Crystal Solutions: your trusted & innovative IT partner.

ABOUT US

Australian owned and operated since 2004, we provide information technology services locally, nationally and beyond.

We are a specialised supplier of Cloud, Application, Database & Infrastructure, Operating System Management, Modernisation and Transformation services. With security at the forefront of everything we do, we can also work with your cyber teams to significantly improve your security posture whilst ensuring all your services with us are fortified by our integrated outage protection and 24×7 monitoring tool, BlueDiamond

Whatever your IT business challenge, we're here to help.

LET'S GET STARTED
Scroll to Top