For Oracle database customers the Oracle Audit Vault can protect the following:
- SQL statements logs – Data Manipulation Language (DML) statement auditing such as when users are attempting to query the database or modify data, using SELECT, INSERT, UPDATE, or DELETE.
- Database Schema Objects changes – Data Definition Language (DDL) statement auditing such as when users create or modify database structures such as tables or views.
- Database Privileges and Changes – Auditing can be defined for the granting of system privileges, such as SELECT ANY TABLE. With this kind of auditing, Oracle Audit Vault records SQL statements that require the audited privilege to succeed.
- Fine-grained audit logs – Fine Grained Auditing activities stored in SYS.FGA_LOG$ such as whether an IP address from outside the corporate network is being used or if specific table columns are being modified. For example, when the HR.SALARY table is SELECTED using direct database connection (not from the application), a condition could be to log the details of result sets where the PROPOSED_SALARY column is greater than $500,000 USD.
- Redo log data – Database redo log file data. The redo log files store all changes that occur in the database. Every instance of an Oracle database has an associated redo log to protect the database in case of an instance failure. In Oracle Audit Vault, the capture rule specifies DML and DDL changes that should be checked when Oracle Database scans the database redo log.
The Audit Vault also supports –
- Database Vault – Database Vault settings stored in DVSYS.AUDIT_TRAIL$ such as Realm audit, factor audit and Rule Audit.
- System and SYS – Core changes to the database by privileged users such as DBAs as recorded by AUDIT_SYS_OPERATIONS.
- Stored Procedure Auditing – Monitor any changes made to PL/SQL and stored procedures. Standard reports are provided to stored procedure operations, deleted and created procedures as well as modification history.
If you have questions, please contact us at mailto:email@example.com