Purpose
This view displays all audit trail entries for the GRANT, REVOKE, AUDIT, NOAUDIT, and ALTER SYSTEM statements in the current tenant.
Applicability
This view is available only in Oracle mode.
Columns
| Column | Type | Nullable | Description |
|---|---|---|---|
| OS_USERNAME | VARCHAR2(255) | NO | This column is not supported. The value of this column is NULL by default. |
| USERNAME | VARCHAR2(64) | NO | The name of the user whose actions are being audited. |
| USERHOST | VARCHAR2(32) | NO | The IP address of the host on which the user whose actions are being audited is located. |
| TERMINAL | VARCHAR2(255) | NO | This column is not supported. The value of this column is NULL by default. |
| TIMESTAMP | DATE | NO | The date and time when the audit trail entry was created in the local database session time zone. |
| OWNER | VARCHAR2(64) | YES | The creator of the object affected by the action. |
| OBJ_NAME | VARCHAR2(256) | YES | The name of the object affected by the action. |
| ACTION_NAME | VARCHAR2(128) | NO | The name of the operation type corresponding to the numeric code in the operation column of DBA_AUDIT_TRAIL. |
| NEW_NAME | VARCHAR2(256) | YES | The new name of the object after the RENAME operation or the name of the base object. |
| OBJ_PRIVILEGE | VARCHAR2(255) | NO | The object privileges granted or revoked by the GRANT or REVOKE statement. |
| SYS_PRIVILEGE | VARCHAR2(255) | NO | The system privileges granted or revoked by the GRANT or REVOKE statement. |
| ADMIN_OPTION | VARCHAR2(1) | NO | Indicates whether the role or system privilege was granted using the ADMIN option. |
| GRANTEE | VARCHAR2(128) | NO | The name of the grantor specified in the GRANT or REVOKE statement. |
| AUDIT_OPTION | VARCHAR2(40) | NO | The audit option set with the AUDIT statement. |
| SES_ACTIONS | VARCHAR2(19) | NO | This column is not supported. The value of this column is NULL by default. |
| COMMENT_TEXT | VARCHAR2(65536) | YES | The text comment inserted by the application on the audit trail. |
| SESSIONID | NUMBER(38) | NO | The numeric ID of the session. For V4.2.x:
|
| ENTRYID | NUMBER(38) | NO | The numeric ID of each audit trail entry in the session. |
| STATEMENTID | NUMBER(38) | NO | The numeric ID of each statement. |
| RETURNCODE | NUMBER(38) | NO | The error code generated by the operation. |
| PRIV_USED | VARCHAR2(40) | NO | This column is not supported. The value of this column is NULL by default. |
| CLIENT_ID | VARCHAR2(40) | NO | This column is not supported. The value of this column is NULL by default. |
| ECONTEXT_ID | VARCHAR2(40) | NO | This column is not supported. It is NULL by default. |
| SESSION_CPU | NUMBER(38) | NO | The amount of CPU time used by the session. |
| EXTENDED_TIMESTAMP | TIMESTAMP(6) WITH TIME ZONE | NO | The time at which the audit tracking record was created, in the UTC time zone. |
| PROXY_SESSIONID | NUMBER(38) | NO | The sequence number of the proxy session. |
| GLOBAL_UID | NUMBER(38) | NO | The user's global user ID. |
| INSTANCE_NUMBER | VARCHAR2(40) | NO | This column is not supported. It is NULL by default. |
| OS_PROCESS | VARCHAR2(40) | NO | This column is not supported. It is NULL by default. |
| TRANSACTIONID | VARCHAR2(128) | NO | The transaction ID in which the object was accessed or modified. |
| SCN | NUMBER(38) | NO | The SCN at which the audited operation occurred. |
| SQL_BIND | VARCHAR2(2000) | YES | This column is not supported. It is NULL by default. |
| SQL_TEXT | VARCHAR2(2000) | YES | The SQL text of the query. |
| OBJ_EDITION_NAME | VARCHAR2(128) | NO | This column is not supported. It is NULL by default. |
Sample query
Query all audit trail entries for the GRANT, REVOKE, AUDIT, NOAUDIT, and ALTER SYSTEM statements in the current tenant.
obclient [SYS]> SELECT USERNAME, USERHOST, TIMESTAMP, ACTION_NAME, SQL_TEXT FROM SYS.DBA_AUDIT_STATEMENT;
The query result is as follows:
+----------+----------------+-----------+--------------+---------------------------------+
| USERNAME | USERHOST | TIMESTAMP | ACTION_NAME | SQL_TEXT |
+----------+----------------+-----------+--------------+---------------------------------+
| SYS | 100.xx.xxx.xxx | 08-APR-25 | ALTER SYSTEM | SET GLOBAL event_scheduler = ON |
+----------+----------------+-----------+--------------+---------------------------------+
1 row in set
References
Query audit trail entries for the
GRANT,REVOKE,AUDIT,NOAUDIT, andALTER SYSTEMstatements issued by the current user: USER_AUDIT_STATEMENTQuery audit trail entries for the
AUDIT EXISTSandAUDIT NOT EXISTSstatements: DBA_AUDIT_EXISTSQuery audit trail entries for all objects:
Query audit trail entries for the
CONNECTandDISCONNECTstatements:Query all audit trail entries:
For more information about security audit, see the following topics: