After you enable security audit, you must set audit rules to enable auditing on user operations.
Limitations
OceanBase Database supports security audit only in Oracle mode.
Set audit rules
Log on to an Oracle tenant as the ORAAUDITOR user and set the following types of audit rules:
- Statement audit: the audit of specific operations. You do not specify the objects, but you can specify whether the audit rules apply to specific or all users.
- Object audit: the audit of the operations that are performed on specified objects. You can specify whether the audit rules apply to specific or all users.
An audit rule is also a schema object. You can execute the AUDIT and NOAUDIT statements to set audit rules.
For more information about the audit rules, see AUDIT.
For example, audit the INSERT, UPDATE, and DELETE operations on table tbl1 of user1.
obclient> AUDIT INSERT,UPDATE,DELETE ON user1.tbl1;
View audit rules
After you set the audit rules, you can view them by using a series of data dictionary views that are compatible with Oracle.
| Dictionary views | Features |
|---|---|
| ALL_DEF_AUDIT_OPTS | Records default audit rules of new objects. Valid values of each column: * -/-: By default, no auditing is performed.* A/-: Auditing is performed when the execution of the statement is successful.-/A: Auditing is performed when the execution of the statement fails. * A/A: Auditing is performed regardless of whether the execution of the statement is successful. |
| DBA_STMT_AUDIT_OPTS | Records detailed auditing configuration at the statement level. |
| DBA_OBJ_AUDIT_OPTS | Records detailed auditing configuration at the object level. |
View the audit rules in the ALL_DEF_AUDIT_OPTS view. Example:
obclient> SELECT * FROM SYS.ALL_DEF_AUDIT_OPTS;
References
For more information about audit operations, see the following topics: