This is part 4 of a 3 part series. Heh I guess this qualifies as a little lagniappe on security and audit. I could have called this Oracle Audit but I already spoke about audit in Part 3. I just decided to continue on in the series.

This is a brief, technical discussion about the implementation of audit in Oracle 10g. I’ll quickly show how to turn on standard audit and how to see some of the audit taking place. I’ll follow that with an implementation of FGA and finally a trigger based audit.

One aspect of auditing is to audit your administrators.

Regardless of any regulations you are required to meet you can implement a security and audit scheme that will cover you for most, if not all, eventualities. Having good security and auditability should be desirable regardless of regulations. It protects your business.

In parts 1 and 2, I covered the security side of it. So what do I mean by Audit? Well, auditing is knowing what’s going on in your environment. Future research requirements, accountability, error correction, etc are all covered by audit.

So how does Oracle implement audit? There are several ways you can do it: Standard Audit, Fine Grained Audit and Trigger Based Audit.