iSelfSchooling - The Oracle 12c New Features

iSelfSchooling.com Since 1999 References | Search more | Oracle Syntax | Free Online Oracle Training

Home .Services Login Start Learning Certification . .Share your BELIEF(s)...

. Online Accounting     .Copyright & User Agreement   |

    .Vision      .Biography     .Acknowledgement
.Contact Us      .Comments/Suggestions       Email2aFriend    |

Oracle 12c New Features

Online Oracle Training

LESSON 22

What the Unified Audit is

Assuming that you have a requirement to audit Data Pump export/import and RMAN at your work, then you need to enable unified audit and configure.

How to enable the unified auditing

To enable the unified auditing, you need to shut down all the database components and use the make command to rebuild the oracle library binary to perform the unified auditing.

Let us shut down all components, such as Oracle database and listener for mycdb.

# cd ~

# . ./.profile

# sqlplus /nolog

SQL> connect / as sysdba

Check that you are on the right database

SQL> show parameter name

SQL> SHUTDOWN IMMEDIATE;

SQL> exit;

Stop the listener.

# lsnrctl stop

Check to see any processes left.

# ps "ef|grep oracle

Notice that you should not have any process running.

Go to the Oracle library and enable the unified audit option.

# cd $ORACLE_HOME/rdbms/lib

# make "f ins_rdbms.mk uniaud_on ioracle ORACLE_HOME=$ORACLE_HOME

You will see"

/usr/bin/ar d

-Linking Oracle

rm "f /app/oracle/"

chmod 6751 /app/oracle/"

Once you successfully link the objects with the unified audit option, you can start your oracle components.

Start the listener.

# lsnrctl start

Now, you can restart the processes.

# sqlplus /nolog

SQL> connect / as sysdba

SQL> startup mount;

SQL> ALTER DATABASE ARCHIVELOG;

SQL> ALTER DATABASE OPEN;

Create a policy to audit your Data Pump export/import operations.

SQL> CREATE AUDIT POLICY my_dp4export ACTIONS COMPONENT=datapump export;

SQL> CREATE AUDIT POLICY my_dp4import ACTIONS COMPONENT=datapump import;

Turn on auditing the created policy.

SQL> AUDIT POLICY my_dp4export;

SQL> AUDIT POLICY my_dp4import;

List your existing policies on the Data Pump export and import operations.

SQL> SELECT user_name, policy_name FROM audit_unified_enabled_policies

2 WHERE policy_name LIKE "MY_DP%";

USER_NAME	POLICY_NAME
ALL USERS	MY_DP4EXPORT
ALL USERS	MY_DP4IMPORT

Now if you perform any data pump export or import operations, you can view them by the following query using the UNIFIED_AUDIT_TRAIL view.

SQL> SELECT dbusername, dp_text_parameters1, dp_boolean_parameters1

2 FROM unified_audit_trail WHERE dp_text_parameters1 IS NOT NULL;

How to audit RMAN backups

For the RMAN backups, you do not need to create any unified audit policy. It will be audited by default. But to view the audited operation, you need to use the RMAN_OPERATION column in the UNIFIED_AUDIT_TRAIL view.

SQL> SELECT dbusername, rman_operation

2 FROM unified_audit_trail WHERE rman_operation IS NOT NULL;

Good Luck!