Oracle DML auditing tips
Oracle security Tips by Donald Burleson
Question: Can I use the Oracle audit command to audit DML updates to
set of my
Oracle database tables? What alternative are there for the Oracle audit
command? Which audit tool is best? I only want auditing for a
selected sub-set of tables.
Answer: First, see my notes on the different
types of Oracle DML auditing especially Oracle fine-grained auditing (FGA) and
Oracle LogMiner. For complete details on Oracle
DML auditing, see my my book "Oracle
Privacy Security Auditing".
There are three ways to audit DML, and you can extract DML auditing for
selected tables. Just be aware, that LogMiner has the least overhead,
but it does not audit DML in real-time because you are reading the archived
1 - Use the audit command to audit DML on selected tables:
2 - For auditing specified tables you can also audit DML
at the table-level with
3 - Or you can use LogMiner to audit DML for selected tables:
This is just a tiny sample of the Oracle audit functionality and see the book
Privacy Security Auditing", for details and working scripts for Oracle
Oracle Training from Don Burleson
The best on site
training classes" are just a phone call away! You can get personalized Oracle training by Donald Burleson, right at your shop!