Note
This view is available starting with V2.2.77.
Purpose
The USER_AUDIT_STATEMENT view displays audit tracking entries for the GRANT, REVOKE, AUDIT, NOAUDIT, and ALTER SYSTEM statements issued by the current user.
Applicability
This view is available only in Oracle mode.
Columns
| Column | Type | Nullable? | Description |
|---|---|---|---|
| OS_USERNAME | VARCHAR2(255) | NO | This column is not supported. It is set to NULL by default. |
| USERNAME | VARCHAR2(64) | NO | The name of the user whose actions are being audited. |
| USERHOST | VARCHAR2(32) | NO | This column is not supported. It is set to NULL by default. |
| TERMINAL | VARCHAR2(255) | NO | This column is not supported. It is set to NULL by default. |
| TIMESTAMP | DATE | NO | The date and time when the audit record was created in the local database session time zone. |
| OWNER | VARCHAR2(64) | YES | The creator of the object affected by the action. |
| OBJ_NAME | VARCHAR2(256) | YES | The name of the object affected by the operation. |
| ACTION_NAME | VARCHAR2(128) | NO | The name of the operation type corresponding to the numeric code in the operation column of DBA_AUDIT_TRAIL. |
| NEW_NAME | VARCHAR2(256) | YES | The new name of the object after a RENAME operation or the name of the base object. |
| OBJ_PRIVILEGE | VARCHAR2(255) | NO | The object privileges granted or revoked by the GRANT or REVOKE statement. |
| SYS_PRIVILEGE | VARCHAR2(255) | NO | The system privileges granted or revoked by the GRANT or REVOKE statement. |
| ADMIN_OPTION | VARCHAR2(1) | NO | Indicates whether the role or system privilege was granted using the ADMIN option. |
| GRANTEE | VARCHAR2(128) | NO | The grantor specified in the GRANT or REVOKE statement. |
| AUDIT_OPTION | VARCHAR2(40) | NO | The audit option set with the audit statement. |
| SES_ACTIONS | VARCHAR2(19) | NO | This column is not supported. It is set to NULL by default. |
| COMMENT_TEXT | VARCHAR2(65536) | YES | The text comment inserted by the application on the audit record. |
| SESSIONID | NUMBER(38) | NO | For V4.3.x:
|
| ENTRYID | NUMBER(38) | NO | The numeric ID of each audit record in the session. |
| STATEMENTID | NUMBER(38) | NO | The numeric ID of each statement. |
| RETURNCODE | NUMBER(38) | NO | The error code generated by the operation. |
| PRIV_USED | VARCHAR2(40) | NO | This column is not supported. It is set to NULL by default. |
| CLIENT_ID | VARCHAR2(40) | NO | This column is not supported. It is set to NULL by default. |
| ECONTEXT_ID | VARCHAR2(40) | NO | This column is not supported. It is set to NULL by default. |
| SESSION_CPU | NUMBER(38) | NO | The CPU time used by the session. |
| EXTENDED_TIMESTAMP | TIMESTAMP(6) WITH TIME ZONE | NO | The timestamp when the audit record was created in the UTC time zone. |
| PROXY_SESSIONID | NUMBER(38) | NO | The proxy session sequence number. |
| GLOBAL_UID | NUMBER(38) | NO | The global user identifier of the user. |
| INSTANCE_NUMBER | VARCHAR2(40) | NO | This column is not supported. The default value is NULL. |
| OS_PROCESS | VARCHAR2(40) | NO | This column is not supported. The default value is NULL. |
| TRANSACTIONID | VARCHAR2(128) | NO | The transaction identifier in which the object was accessed or modified. |
| SCN | NUMBER(38) | NO | This column is not supported. The default value is 0. |
| SQL_BIND | VARCHAR2(2000) | YES | This column is not supported. The default value is NULL. |
| SQL_TEXT | VARCHAR2(2000) | YES | The SQL text of the query. |
| OBJ_EDITION_NAME | VARCHAR2(128) | NO | This column is not supported. The default value is NULL. |
Sample query
Query the audit trail entries for the GRANT, REVOKE, AUDIT, NOAUDIT, and ALTER SYSTEM statements issued by the current user.
obclient [SYS]> SELECT USERNAME, USERHOST, TIMESTAMP, ACTION_NAME, SQL_TEXT FROM SYS.USER_AUDIT_STATEMENT;
The query result is as follows:
+----------+----------------+-----------+--------------+---------------------------------+
| USERNAME | USERHOST | TIMESTAMP | ACTION_NAME | SQL_TEXT |
+----------+----------------+-----------+--------------+---------------------------------+
| SYS | 100.xx.xxx.xxx | 08-APR-25 | ALTER SYSTEM | SET GLOBAL event_scheduler = ON |
+----------+----------------+-----------+--------------+---------------------------------+
1 row in set
References
Query the audit trail entries for the
GRANT,REVOKE,AUDIT,NOAUDIT, andALTER SYSTEMstatements issued by all users in the current tenant: DBA_AUDIT_STATEMENTQuery the audit trail entries for the
AUDIT EXISTSandAUDIT NOT EXISTSstatements: DBA_AUDIT_EXISTSQuery the audit trail entries for all objects:
Query the audit trail entries for the
CONNECTandDISCONNECTstatements:Query all audit trail entries:
For more information about security audit, see the following topics: