Index

A  B  C  D  E  F  G  H  I  J  L  M  N  O  P  R  S  T  U  W 

---

A

access reports

See reports, default access

account management events

Account Management Report, 3.3.3.2

IBM DB2, D.2

Oracle Database, A.2

SQL Server, B.2

Sybase Adaptive Server Enterprise, C.2

Activity Overview Report, 3.3.2.2

Adaptive Server Enterprise

See Sybase Adaptive Server Enterprise

administrative changes

checking collection agent status, 1.5.1

alerts

about, 2.12.1

activity summary, 2.12.6

advanced using condition and function, 2.12.5.3

advanced using condition only, 2.12.5.1

application users, example of creating alerts for, 2.12.5.2

creating advanced alerts with condition and alert, 2.12.5.3

creating advanced alerts with condition only, 2.12.5.1

creating alert status values, 2.12.3

creating basic alerts, 2.12.4

creating rules, 2.12.2.2, 2.12.2.3, 2.12.2.4, 2.12.3, 2.12.4

how they are raised, 2.12.6

listing, 2.12.4

monitoring, 2.12.6

new features, Preface

reports, 3.5

responding to, 2.13

All Alerts Report, 3.5.2

annotating reports, 3.7.1

application management events

IBM DB2, D.3

Oracle Database, A.3

Procedure Management Report, 3.3.3.5

SQL Server, B.3

Sybase Adaptive Server Enterprise, C.3

application users, example of creating alerts for, 2.12.5.2

ASE

See Sybase Adaptive Server Enterprise

attesting to reports, 3.7.1

procedure for auditors, 3.7.1

specifying auditor list, 3.6.1

audit command events

Audit Commands Report, 3.3.3.3

IBM DB2, D.4

Oracle Database, A.4

SQL Server, B.4

Sybase Adaptive Server Enterprise, C.4

Audit Commands Report, 3.3.3.3

audit events

context information in CONTEXT_DIM dimension table, 4.4

IBM DB2, listed, D.1

information in EVENT_DIM dimension table, 4.4

new features, Preface

Oracle Database, A.1

Oracle Database Vault, A.6

SQL Server, B.1

Sybase Adaptive Server Enterprise, C.1

See also reports

audit policies

about, 2.1

activating, 2.3.2

copying to another database, 2.11

creating, general tasks for, 2.2

fine-grained auditing, 2.7.1

privilege auditing, 2.6.1

provisioning to source database, 2.10

redo log files, capture rules for, 2.8.1

retrieving, 2.3.1

schema object auditing, 2.5.1

source database, retrieving settings from, 2.3.1

SQL statement auditing, 2.4.1

verifying semantic correctness, 2.9

audit policy settings

manually provisioning to source database, 2.10.2

saving to SQL script, 2.10.1

audit records

finding information about, 3.10.1

setting a retention period for audit data, 2.14

what happens when collection agents not active, 1.5.3

audit settings

recommended for Oracle source database, 1.3.1.2

refreshing audit settings state, 2.3.2

retention period for audit data, 2.14

source database settings, retrieving, 2.3.2

updating state, 2.3.2

Audit Settings Changes Report, 3.4.5.1

Audit Vault Console

creating alert rules, 2.12

monitoring alerts from, 2.12

starting, 1.4

AUDIT_EVENT_FACT fact table

contents of, 4.6.1

audited data

types of, 1.2.2

auditing

enabling in source database, 1.3

fine-grained, 2.7.1

general tasks, 1.2

privileges, 2.6

redo log files, 2.8

schema objects, 2.5

SQL statements, 2.4

AV$DW_BEFORE_AFTER PL/SQL package, 4.7

---

B

before and after values

accessing from redo logs, 4.7

AV$DW_BEFORE_AFTER PL/SQL package, 4.7

Before/After Values Report, 3.4.5.2

creating capture rules for, 2.8.1

Before/After Values Report, 3.4.5.2, 3.4.5.2

---

C

capture rules

See redo log file auditing

categories

creating for user-defined reports, 3.11.2

changed data, finding and comparing

See entitlement report snapshots and labels, 3.8.1

changes to audit events

Audit Setting Changes Report, 3.4.5.1

Changes to Audit Report, 3.4.5.1

See Before/After Values Report

charting data in reports, 3.9.7

client connections

information in CLIENT_HOST_DIM dimension table, 4.4

tool information in CLIENT_TOOLS_DIM dimension table, 4.4

CLIENT_HOST_DIM dimension table

about, 4.4

contents of, 4.6.2

CLIENT_TOOL_DIM dimension table

about, 4.4

contents of, 4.6.3

collection agents

checking status of, 1.5.1

columns in a report

See also relevant columns

columns in report

finding information about, 3.10.2

hiding current column, 3.9.2.1

hiding or showing, 3.9.2.2

comparing snapshot or label audit data, 3.8.6.3

compliance reports

See reports, compliance

CONTEXT_DIM dimension table

about, 4.4

contents of, 4.6.4

credit card compliance report

Credit Card Related Data Access Report, 3.4.2

Credit Card Related Data Access Report, 3.4.2

credit card reports

See compliance reports, Credit Card Related Data Access Report

Critical Alerts Report, 3.5.3

CSV files, saving reports to, 3.12

custom reports

See data warehouse schema

---

D

Dasboard

new features, Preface

Dashboard page

alert monitoring, 2.12.6

displaying, 2.12.6

data access events

Data Access Report, 3.3.2.3

IBM DB2, D.5

Oracle Database, A.5

Oracle Database Vault, A.6

report, 3.4.3.1, 3.4.3.2, 3.4.4

SQL Server, B.5

Sybase Adaptive Server Enterprise, C.5

Data Access Report, 3.3.2.3

Data Change Report

See Before/After Values Report

See Program Change Report

data warehouse schema

about, 4.1

architecture, 4.2

AUDIT_EVENT_FACT table, 4.6.1

CLIENT_HOST_DIM table, 4.4, 4.6.2

CLIENT_TOOL_DIM table, 4.4, 4.6.3

CONTEXT_DIM table, 4.4, 4.6.4

design, 4.3

dimension tables

about, 4.4

relationships, 4.6

EVENT_DIM table, 4.4, 4.6.5

fact tables

about, 4.4

constraints, 4.5

indexes, 4.5

relationships, 4.6

used in data warehouse schema, 4.4

new features, Preface

PRIVILEGES_DIM table, 4.4, 4.6.6

SOURCE_DIM table, 4.4, 4.6.7

TARGET_DIM table, 4.4, 4.6.8

TIME_DIM table, 4.4, 4.6.9

USER_DIM table, 4.4, 4.6.10

data, changed by INSERT, UPDATE, DELETE

Program Changes Report, 3.4.5.9

Database Failed Logins Report, 3.4.5.3

Database Login/Logoff Report, 3.4.5.4

Database Logoff Report, 3.4.5.5

Database Logon Report, 3.4.5.6

Database Roles by Source Report, 3.3.5.5

Database Roles Report, 3.3.5.5

Database Startup/Shutdown Report, 3.4.5.7

Database Vault

See Oracle Database Vault

Database Vault Report, 3.3.2.4

databases

audit policies

copying to another database, 2.11

provisioning to source database, 2.10

retrieving from, 2.3.1

Database Roles Report, 3.3.5.5

distributed

tracking with Distributed Database Report, 3.3.2.5

logon operations, report, 3.4.5.6

monitoring source database, 1.5.1

requirements for auditing, 1.3

source database information in SOURCE_DIM dimension table, 4.4

startup and shutdown operations, report, 3.4.5.7

DDL Report

See Schema Changes Report

DDL report audit events

Schema Changes Report, 3.4.5.10

default access reports

See reports, default access

default entitlement reports

See reports, default entitlement

default management activity reports

See reports, default management activity

default settings in reports

reverting to, 3.9.9

default system exception reports

See reports, default system exception

Deleted Objects Report, 3.4.5.8

dimension tables

See data warehouse schema

dimension, used in data warehouse schema, 4.4

Distributed Database Report, 3.3.2.5

---

E

e-mail notifications

about, 2.12.2.1

creating a notification template, 2.12.2.3

creating a profile, 2.12.2.2

creating for alerts, 2.13

list for reports, 3.6.1

entitlement report snapshots and labels

about, 3.8.1

general steps for using, 3.8.2

assigning snapshots to a label, 3.8.5

comparing snapshot or label data, 3.8.6.3

creating label, 3.8.4

generating individual snapshot or label data, 3.8.6.2

retrieving entitlement audit data, 3.8.3

viewing snapshot and label audit data, 3.8.6.1

entitlement reports

See reports, default entitlement

EPHI Related Data Access Report, 3.4.4

event activity summary, 2.12.6

event categories

See audit events

event handlers

fine-grained auditing, 2.7.1.2

relevant columns, 2.7.1.2

EVENT_DIM dimension table

about, 4.4

contents of, 4.6.5

exception events

Exception Activity Report, 3.3.4.2

IBM DB2, D.6

Oracle Database, A.7

SQL Server, B.6

Sybase Adaptive Server Enterprise, C.6

---

F

fact tables

See data warehouse schema

filtering data in reports, 3.9.3.1

financial compliance reports

Financial Related Data Access Report, 3.4.3.1

Financial Related Data Modifications Report, 3.4.3.2

financial data reports

See reports, compliance

Financial Related Data Access Report, 3.4.3.1

Financial Related Data Modifications Report, 3.4.3.2

fine-grained auditing, 2.7.1

about, 2.7.1

audit policy, defining, 2.7.2

event handlers, 2.7.1.2

relevant columns, 2.7.1.1

formatting reports, 3.6.1

functions

in advanced alerts, 2.12.5.3

---

G

general tasks for auditors using Oracle Audit Vault, 1.2

---

H

health care compliance report

EPHI Related Data Access Report, 3.4.4

health care reports

See reports, compliance

hiding columns in reports, 3.9.2

highlighting data in reports, 3.9.6

---

I

IBM DB2

audit events

about, D.1

listed, D.1

requirements for audit data collection, 1.3.2

invalid record events

IBM DB2, D.7

Invalid Audit Record Report, 3.3.4.3

Oracle Database, A.8

SQL Server, B.7

Sybase Adaptive Server Enterprise, C.7

---

J

join operations

filtering row data, 3.9.3.1

---

L

labels

about, 3.8.1

assigning snapshot to a label, 3.8.5

comparing label data, 3.8.6.3

creating label, 3.8.4

generating individual label data, 3.8.6.2

retrieving entitlement audit data, 3.8.3

viewing data, 3.8.6.1

Login Failures Report

See Database Failed Logins Report

Login/Logoff Report

See Database Login/Logoff Report, Database Logoff Report, and Database Logon Report

---

M

management activity reports

See reports, default management activity

master records

pulling column from report, 3.9.8

Microsoft SQL Server

See SQL Server

monitoring alerts, 2.12.6

My Oracle Support

about, Preface

---

N

new features in this release, Preface

null values

sorting in reports, 3.9.5.2

---

O

object management events

IBM DB2, D.8

Object Management Report, 3.3.3.4

Oracle Database, A.9

SQL Server, B.8

Sybase Adaptive Server Enterprise, C.8

Object Privileges by Source Report, 3.3.5.7

Object Privileges Report, 3.3.5.7

objects

See schema object auditing

objects being audited

Deleted Objects Report, 3.4.5.8

information in TARGET_DIM dimension table, 4.4

Object Privileges by Source Report, 3.3.5.7

Object Privileges Report, 3.3.5.7

Oracle Audit Vault

about, 1.1

audited data, types of, 1.2.2

general tasks for auditors, 1.2

IBM DB2 database requirements, 1.3.2

new features in this release, Preface

Oracle Database requirements, 1.3.1.1

SQL Server database requirements, 1.3.2

Sybase Adaptive Server Enterprise database requirements, 1.3.2

See also data warehouse schema, reports

Oracle Database

audit events

about, A.1

listed, A.1

audit settings

recommended in the database, 1.3.1.2

checking audit settings in source database, 1.3.1.1

requirements for audit data collection, 1.3.1.1

retrieving audit settings, 2.3

Oracle Database Vault

Database Vault Report, 3.3.2.4

events, A.6

finding if installed, 3.3.2.4

provisioning audit policies settings to database, 2.10.2

Oracle Label Security

audit events, Preface

Oracle MetaLink

See My Oracle Support

---

P

peer association events

Distributed Database Report, 3.3.2.5

IBM DB2, D.9

Oracle Database, A.10

SQL Server, B.9

Sybase Adaptive Server Enterprise, C.9

policies

See audit policies

privilege auditing

about, 2.6.1

defining audit policy, 2.6.2

statement auditing, compared with, 2.6.1

System Privileges by Source Report, 3.3.5.6

System Privileges Report, 3.3.5.6

privilege events

See role and privilege management events

Privileged Users by Source Report, 3.3.5.8

Privileged Users Report, 3.3.5.8

privileges

Privileged Users by Source Report, 3.3.5.8

Privileged Users Report, 3.3.5.8

PRIVILEGES_DIM dimension table

about, 4.4

contents of, 4.6.6

Procedure Executions Report, 3.3.2.6

Procedure Management Report, 3.3.3.5

procedures

See SQL statement auditing

Program Changes Report, 3.4.5.9

---

R

redo log file auditing

about, 2.8.1

defining capture rule for audit policy, 2.8.2

redo logs

accessing before and after values, 4.7

relevant columns

about, 2.7.1.1

event handlers, 2.7.1.2

fine-grained auditing, used in, 2.7.1.1

reports

about, 3.1

accessing, 3.2

annotating, 3.7.1

attesting to, 3.7.1

changing default contents of compliance reports, 3.9.4

checking data collection status, 1.5.1

columns

adding control break, 3.9.8

finding information about, 3.10.2

hiding current column, 3.9.2.1

hiding or showing, 3.9.2.2

compliance, 3.4.1

creating charts, 3.9.7

customizing data display, 3.9

data collected for, 3.1

filtering

all rows based on current column, 3.9.3.2

default contents of compliance reports, 3.9.4

rows in one or all columns, 3.9.3.3

using an expression, 3.9.3.4

finding information

audit records, 3.10.1

column descriptions, 3.10.2

formatting, 3.6.1

highlighting rows, 3.9.6

new features, Preface

PDF generation, 3.6.1

resetting display values to defaults, 3.9.9

saving to CSV file, 3.12

scheduling, 3.6.1

sending to other users, 3.6.1

setting retention time, 3.6.1

sorting data

all columns, 3.9.5.2

current column, 3.9.5.1

specifying auditors to attest to, 3.6.1

who can access, 3.1

See also reports, compliance; reports, entitlement; reports, default; reports, user-defined

reports, compliance

about, 3.4.1

Audit Settings Changes Report, 3.4.5.1

Before/After Values Report, 3.4.5.2

changing default contents, 3.9.4

common reports, 3.4.5

Credit Card Related Data Access Report, 3.4.2

Database Failed Logins Report, 3.4.5.3

Database Login/Logoff Report, 3.4.5.4

Database Logoff Report, 3.4.5.5

Database Logon Report, 3.4.5.6

Database Startup/Shutdown Report, 3.4.5.7

Deleted Objects Report, 3.4.5.8

EPHI Related Data Access Report, 3.4.4

Financial Related Data Access Report, 3.4.3.1

Financial Related Data Modifications Report, 3.4.3.2

Program Changes Report, 3.4.5.9

Schema Changes Report, 3.4.5.10

System Events Report, 3.4.5.11

User Privilege Change Activity Report, 3.4.5.12

reports, default

Access Reports, 3.3.2.1

alert reports, 3.5.1

All Alerts Report, 3.5.2

compliance reports, 3.4.1

Critical Alerts Report, 3.5.3

Warning Alerts Report, 3.5.4

reports, default access

Activity Overview Report, 3.3.2.2

Data Access Report, 3.3.2.3

Database Vault Report, 3.3.2.4

Distributed Database Report, 3.3.2.5

Procedure Executions Report, 3.3.2.6

User Sessions Report, 3.3.2.7

reports, default entitlement

about, 3.3.5.1

Database Roles by Source Report, 3.3.5.5

Database Roles Report, 3.3.5.5

general steps for using, 3.8.2

Object Privileges by Source Report, 3.3.5.7

Object Privileges Report, 3.3.5.7

Privileged Users by Source Report, 3.3.5.8

Privileged Users Report, 3.3.5.8

System Privileges by Source Report, 3.3.5.6

System Privileges Report, 3.3.5.6

User Accounts by Source Report, 3.3.5.2

User Accounts Report, 3.3.5.2

User Privileges by Source Report, 3.3.5.3

User Privileges Report, 3.3.5.3

User Profiles by Source Report, 3.3.5.4

User Profiles Report, 3.3.5.4

See also entitlement report snapshots and labels, 3.8.1

reports, default management activity

about, 3.3.3.1

Account Management Report, 3.3.3.2

Audit Commands Report, 3.3.3.3

Object Management Report, 3.3.3.4

Procedure Management Report, 3.3.3.5

Role and Privilege Management Report, 3.3.3.6

System Management Report, 3.3.3.7

reports, default system exception, 3.3.4.1

about, 3.3.4.1

Exception Activity Report, 3.3.4.2

Invalid Audit Record Report, 3.3.4.3

Uncategorized Activity Report, 3.3.4.4

reports, financial

EPHI Related Data Access Report, 3.4.4

Financial Related Data Access Report, 3.4.3.1

Financial Related Data Modifications Report, 3.4.3.2

reports, user-defined

accessing, 3.11.4

creating, 3.11.3

creating categories, 3.11.2

See also reports

respond to alerts, 2.13

retention period for audit data, 2.14

retention period for reports, 3.6.1

role and privilege management events

IBM DB2, D.10

information in PRIVILEGE_DIM dimension table, 4.4

Oracle Database, A.11

Role and Privilege Management Report, 3.3.3.6

SQL Server, B.10

Sybase Adaptive Server Enterprise, C.10

---

S

Sarbanes-Oxley Act

privilege auditing to meet compliance, 2.6.1

See also compliance reports

saving a report to CSV file, 3.12

Schema Changes Report, 3.4.5.10

schema object auditing

about, 2.5.1

defining audit policy, 2.5.2

Deleted Objects Report, 3.4.5.8

Object Privileges by Source Report, 3.3.5.7

Object Privileges Report, 3.3.5.7

service and application utilization events

IBM DB2, D.11

Oracle Database, A.12

Procedure Executions Report, 3.3.2.6

SQL Server, B.11

Sybase Adaptive Server Enterprise, C.11

session events

See user session

showing columns in reports, 3.9.2

snapshots

about, 3.8.1

assigning snapshots to a label, 3.8.5

comparing snapshot data, 3.8.6.3

generating individual snapshot data, 3.8.6.2

retrieving entitlement audit data, 3.8.3

viewing data, 3.8.6.1

sorting data in reports, 3.9.5

SOURCE_DIM dimension table

about, 4.4

contents of, 4.6.7

SQL script, saving the audit policy settings to, 2.10.1

SQL Server

audit events

about, B.1

listed, B.1

requirements for audit data collection, 1.3.2

SQL statement auditing

about, 2.4.1

defining audit policy, 2.4.2

privilege auditing, compared with, 2.6.1

Procedure Executions Report, 3.3.2.6

Procedure Management Report, 3.3.3.5

starting Audit Vault Console, 1.4

statements

See SQL statement auditing

subqueries

filtering row data, 3.9.3.1

Sybase Adaptive Server Enterprise

audit events

about, C.1

listed, C.1

requirements for audit data collection, 1.3.2

system audit events

System Events Report, 3.4.5.11

System Events Report, 3.4.5.11

system exception reports

See reports, default system exception

system management events

IBM DB2, D.12

Oracle Database, A.13

SQL Server, B.12

Sybase Adaptive Server Enterprise, C.12

System Management Report, 3.3.3.7

System Privileges by Source Report, 3.3.5.6

System Privileges Report, 3.3.5.6

---

T

TARGET_DIM dimension table

about, 4.4

contents of, 4.6.8

time, actions performed over

information in TIME_DIM dimension table, 4.4

TIME_DIM dimension table

about, 4.4

contents of, 4.6.9

trouble ticket notifications

creating, 2.13

trouble tickets

creating a notification, 2.13

creating a template for, 2.12.2.4

troubleshooting

database auditing not enabled, 1.3

Database Vault report not showing data, 3.3.2.4

latest audit data not appearing in reports, 3.3.2.2

no data in reports, 1.5.1

source database not available, 1.5.1

---

U

Uncategorized Activity Report, 3.3.4.4

unknown or uncategorized events

IBM DB2, D.13

Oracle Database, A.14

SQL Server, B.13

Sybase Adaptive Server Enterprise, C.13

Uncategorized Activity Report, 3.3.4.4

User Accounts by Source Report, 3.3.5.2

User Accounts Report, 3.3.5.2

user login failure audit events

Database Failed Logins Report, 3.4.5.3

User Privilege Change Activity Report, 3.4.5.12

User Privileges by Source Report, 3.3.5.3

User Privileges Report, 3.3.5.3

User Profiles by Source Report, 3.3.5.4

User Profiles Report, 3.3.5.4

user session events

IBM DB2, D.14

Oracle Database, A.15

SQL Server, B.14

Sybase Adaptive Server Enterprise, C.14

User Sessions Report, 3.3.2.7

User Sessions Report, 3.3.2.7

USER_DIM dimension table

about, 4.4

contents of, 4.6.10

user-defined reports

accessing, 3.11.4

creating, 3.11.3

creating categories, 3.11.2

deleting, 3.11.4

users

Database Roles Report, 3.3.5.5

information in USER_DIM dimension table, 4.4

logging in to the Audit Vault Console, 1.4

login and logoff operations, Database Login/Logoff Report, 3.4.5.4

logoff operations, report, 3.4.5.5

Privileged Users by Source Report, 3.3.5.8

Privileged Users Report, 3.3.5.8

User Accounts Report, 3.3.5.2

User Privilege Change Activity Report, 3.4.5.12

User Privileges by Source Report, 3.3.5.3

User Privileges Report, 3.3.5.3

User Profiles by Source Report, 3.3.5.4

User Profiles Report, 3.3.5.4

---

W

Warning Alerts Report, 3.5.4

Windows Event Viewer

audit events logged in, B.4

exception events logged in, B.6