Purpose
This view displays the standard audit trail entries related to the current user.
Applicability
This view is available starting with OceanBase Database in Oracle mode.
Columns
| Column | Type | Nullable | Description |
|---|---|---|---|
| OS_USERNAME | VARCHAR2(255) | NO | This column is not supported. The value of this column is NULL by default. |
| USERNAME | VARCHAR2(64) | NO | The name of the user whose actions are being audited. |
| USERHOST | VARCHAR2(32) | NO | The IP address of the host where the user whose actions are being audited is located. |
| TERMINAL | VARCHAR2(255) | NO | This column is not supported. The value of this column is NULL by default. |
| TIMESTAMP | DATE | NO | The date and time when the audit record was created in the local database session time zone. |
| OWNER | VARCHAR2(64) | YES | The creator of the object affected by the action. |
| OBJ_NAME | VARCHAR2(256) | YES | The name of the object affected by the action. |
| ACTION | NUMBER(38) | NO | The numeric code of the action type. |
| ACTION_NAME | VARCHAR2(128) | NO | The name of the action type corresponding to the numeric code in the ACTION column. |
| NEW_OWNER | VARCHAR2(64) | YES | The owner of the object named in the NEW_NAME column. |
| NEW_NAME | VARCHAR2(256) | YES | The new name of the object after the RENAME or base object name. |
| OBJ_PRIVILEGE | VARCHAR2(255) | NO | The object privileges granted or revoked by the GRANT or REVOKE statement. |
| SYS_PRIVILEGE | VARCHAR2(255) | NO | The system privileges granted or revoked by the GRANT or REVOKE statement. |
| ADMIN_OPTION | VARCHAR2(1) | NO | Indicates whether the role or system privilege was granted with the ADMIN option. |
| GRANTEE | VARCHAR2(128) | NO | The grantor specified in the GRANT or REVOKE statement. |
| AUDIT_OPTION | VARCHAR2(40) | NO | The audit options set by the AUDIT statement. |
| SES_ACTIONS | VARCHAR2(19) | NO | This column is not supported. The value of this column is NULL by default. |
| LOGOFF_TIME | DATE | NO | The date and time when the user logged off. |
| LOGOFF_LREAD | NUMBER(38) | NO | The number of logical reads in the session. |
| LOGOFF_PREAD | NUMBER | NO | This column is not supported. The value of this column is NULL by default. |
| LOGOFF_LWRITE | NUMBER | NO | This column is not supported. The value of this column is NULL by default. |
| LOGOFF_DLOCK | VARCHAR2(40) | NO | This column is not supported. The value of this column is NULL by default. |
| COMMENT_TEXT | VARCHAR2(65536) | YES | The text comment on the audit record, providing additional information about the audited statement. |
| SESSIONID | NUMBER(38) | NO | The numeric ID of the session. For V4.2.x:
|
| ENTRYID | NUMBER(38) | NO | The numeric ID of each audit trail entry. |
| STATEMENTID | NUMBER(38) | NO | The numeric ID of each statement. |
| RETURNCODE | NUMBER(38) | NO | The error code generated by the operation. |
| PRIV_USED | VARCHAR2(40) | NO | This field is not supported. It is set to NULL by default. |
| CLIENT_ID | VARCHAR2(40) | NO | This field is not supported. It is set to NULL by default. |
| ECONTEXT_ID | VARCHAR2(40) | NO | This field is not supported. It is set to NULL by default. |
| SESSION_CPU | NUMBER(38) | NO | The CPU time used by the session. |
| EXTENDED_TIMESTAMP | TIMESTAMP(6) WITH TIME ZONE | NO | The timestamp when the audit trail entry was created in the UTC time zone. |
| PROXY_SESSIONID | NUMBER(38) | NO | The proxy session sequence number. |
| GLOBAL_UID | NUMBER(38) | NO | The global user ID of the user. |
| INSTANCE_NUMBER | VARCHAR2(40) | NO | This field is not supported. It is set to NULL by default. |
| OS_PROCESS | VARCHAR2(40) | NO | This field is not supported. It is set to NULL by default. |
| TRANSACTIONID | VARCHAR2(128) | NO | The transaction ID of the transaction in which the object was accessed or modified. |
| SCN | NUMBER(38) | NO | The SCN at which the audited operation occurred. |
| SQL_BIND | VARCHAR2(2000) | YES | This field is not supported. It is set to NULL by default. |
| SQL_TEXT | VARCHAR2(2000) | YES | The SQL text of the query. |
| OBJ_EDITION_NAME | VARCHAR2(128) | NO | This field is not supported. It is set to NULL by default. |
| DBID | NUMBER(38) | NO | The database ID of the audited database. |
Sample query
Query all audit trail entries for the current user.
obclient [SYS]> SELECT USERNAME, USERHOST, TIMESTAMP, ACTION, SQL_TEXT FROM SYS.USER_AUDIT_TRAIL;
The query result is as follows:
+----------+----------------+-----------+--------+----------+
| USERNAME | USERHOST | TIMESTAMP | ACTION | SQL_TEXT |
+----------+----------------+-----------+--------+----------+
| SYS | 100.xx.xxx.xxx | 08-APR-25 | 100 | CONNECT |
| SYS | 100.xx.xxx.xxx | 08-APR-25 | 100 | CONNECT |
| SYS | 100.xx.xxx.xxx | 08-APR-25 | 100 | CONNECT |
+----------+----------------+-----------+--------+----------+
3 rows in set
References
- Query all audit trail entries for the current tenant: DBA_AUDIT_TRAIL
Query the audit trail entries generated by
AUDIT EXISTSandAUDIT NOT EXISTS: DBA_AUDIT_EXISTSQuery the audit trail entries for all objects:
Query the audit trail entries for
CONNECTandDISCONNECT:Query the audit trail entries for
GRANT,REVOKE,AUDIT,NOAUDIT, andALTER SYSTEMstatements:For more information about security audit, see the following topics: