Oracle Database auditing with Oracle unified auditing

For any company requiring auditing requirements for their Oracle databases they should consider using Oracle's unified auditing. And, accordingly to our Oracle Specalist and Client Delivery Lead Brad Smith, here's why:
Facebook-f Twitter Youtube Linkedin
azure blob storage Azure Blobfuse Oracle Database Oracle backup
Picture of Written by Brad Smith

Written by Brad Smith

Client Delivery Lead for Oracle at Blue Crystal Solutions

How to use Oracle Unified Auditing to meet your auditing requirements for Oracle Database

For any company requiring auditing requirements for their Oracle database or databases they should consider using Oracle’s unified auditing. And here’s why:

Oracle unified auditing is a new auditing feature which was introduced first in Oracle 12.1 and is now Oracle’s recommended auditing option. Traditional auditing is deprecated from Oracle 21c. There are many reasons to add auditing to your database, these could be and not limited to – notification of unauthorized changes to important data, deter users, suspicious activity, unauthorized use of database and many other reasons. To enable unified auditing it requires the relinking of the Oracle binaries with the new uniaud_on and a restart of the instances.  It is highly recommended to place auditing inside it’s own tablespace, this can be done by allocating a tablespace for the unified auditing data. The audit trail and audit policies can be maintained by those users granted the AUDIT_ADMIN role.  For users that need to view the audit information, the AUDIT_VIEWER role can be assigned.

Oracle unified auditing advantages:
  • Single unified audit trail, simplifies managing multiple audit trails.
  • Predefined audit policies which may be useful out of the box.
  • Easily create audit policies to suit your company’s auditing requirements.
  • Auditing performance is improved for both reads and writes (12.2+).  Performance impacts are lower than traditional auditing.
  • Once enabled unified auditing is always on, no more needing to set different initialization parameters.
Oracle unified auditing recommendations:
  • Keep unified auditing in a separate tablespace.
  • Consider a retention policy for your auditing information.
  • Target auditing that is required only, collecting unnecessary audit information increases impacts on performance and increases storage use.

Some handy SQL to check whether Unified Auditing is enabled and currently in use:

Determine whether unified auditing is enabled within the database:

SELECT value from v$option where parameter = ‘Unified Auditing’;

Checking which policies are enabled:

SELECT policy_name, enabled_opt, user_name FROM audit_unified_enabled_policies

Check the default policies and conditions for pre-defined policies ORA_SECURECONFIG and ORA_LOGON_FAILURES:

SELECT policy_name,audit_option,condition_eval_opt,audit_condition FROM audit_unified_policies WHERE  policy_name in (‘ORA_SECURECONFIG’,’ORA_LOGON_FAILURES’) order by 1;

Oracle
Our Oracle Expertise

BCS has been Oracle Partners since our beginning in 2004. Our long history has enabled us to become experts in Oracle technology and the innovations their tools can enable. We’ve compiled a series of tech articles and case studies to demonstrate exactly that.

LEARN MORE
We're here to help.
ALL NEWS
CONTACT US
Facebook-f Twitter Youtube Linkedin

Learn More.

ALL NEWS
Australian Centre for Business Growth

Blue Crystal graduates from the Australian Centre for Business Growth

Blue Crystal Solutions is proud to announce its successful graduation from the Growth Modules Program at the Australian Centre for Business Growth (AUCBG), University of South Australia. Over the past 9 months, our leadership team gained expert insights, actionable strategies, and a clear roadmap to accelerate our growth.

Read More »
Oracle Database 23ai Blue Crystal Solutions: Efficient Cloud Migration and Technology Integration

New Features in Oracle Database 23ai: Security Improvements for Oracle Schema

Discover how Oracle Database 23ai levels up privilege management with schema-level privileges. This innovative feature simplifies security and enhances database control by enforcing the Principle of Least Privilege (PoLP), ensuring compliance, and streamlining user access. Dive into the methodology, advantages, and practical examples for leveraging schema-level privileges effectively.

Read More »
Premier Support Extension

Oracle Premier Support Extension: Database 19c

Premier Support Extension for Oracle Database 19c to December 31, 2029 gives organisations more time to plan their database upgrade strategy. With bug fixes, security patches, upgrades and 24x7 Oracle database monitoring by Blue Crystal Solutions, you can manage your Oracle 19c support effectively.

Read More »

Blue Crystal Solutions: your trusted & innovative IT partner.

ABOUT US

Australian owned and operated since 2004, we provide information technology services locally, nationally and beyond.

We are a specialised supplier of Cloud, Application, Database & Infrastructure, Operating System Management, Modernisation and Transformation services. With security at the forefront of everything we do, we can also work with your cyber teams to significantly improve your security posture whilst ensuring all your services with us are fortified by our integrated outage protection and 24×7 monitoring tool, BlueDiamond

Whatever your IT business challenge, we're here to help.

Talk to us
Scroll to Top