V$XML_AUDIT_TRAIL

V$XML_AUDIT_TRAIL shows standard, fine-grained, SYS, and mandatory audit records written in XML format files.

Column	Datatype	Description
`AUDIT_TYPE`	`NUMBER`	Type of audit row: 1 = Standard XML Audit 2 = Fine Grained XML Audit 4 = SYS XML Audit 8 = Mandatory XML Audit
`SESSION_ID`	`NUMBER`	Numeric ID for the Oracle session
`PROXY_SESSIONID`	`NUMBER`	Proxy session serial number, if an enterprise user has logged in through a proxy mechanism
`STATEMENTID`	`NUMBER`	Numeric ID for the statement run (a statement may cause multiple audit records)
`ENTRYID`	`NUMBER`	Numeric ID for the audit trail entry in the session
`EXTENDED_TIMESTAMP`	`TIMESTAMP(6) WITH TIME ZONE`	Timestamp of the audited operation (the timestamp of the user's logon for entries is created by AUDIT SESSION)
`GLOBAL_UID`	`VARCHAR2(32)`	Global user identifier for the user, if the user has logged in as an enterprise user
`DB_USER`	`VARCHAR2(30)`	Database username of the user whose actions were audited
`CLIENTIDENTIFIER`	`VARCHAR2(64)`	Client identifier in the Oracle session
`EXT_NAME`	`VARCHAR2(1024)`	User's external name
`OS_USER`	`VARCHAR2(30)`	Operating system logon user name of the user whose actions were audited
`OS_HOST`	`VARCHAR2(128)`	Client host machine name
`OS_PROCESS`	`VARCHAR2(16)`	Operating system process identifier of the Oracle server process
`TERMINAL`	`VARCHAR2(30)`	Identifier for the user's terminal
`INSTANCE_NUMBER`	`NUMBER`	Instance number as specified in the initialization parameter file, `init.ora`
`OBJECT_SCHEMA`	`VARCHAR2(30)`	Owner of the audited object
`OBJECT_NAME`	`VARCHAR2(30)`	Name of the object affected by the action
`POLICY_NAME`	`VARCHAR2(30)`	Name of fine-grained auditing policy
`NEW_OWNER`	`VARCHAR2(30)`	Owner of the object named in the `NEW_NAME` column
`NEW_NAME`	`VARCHAR2(30)`	New name of object after renaming, or the name of an underlying object (for example, `CREATE INDEX owner.obj_name ON new_owner.new_name`)
`ACTION`	`NUMBER`	Numeric code for the action type
`STATEMENT_TYPE`	`NUMBER`	Description of the action
`TRANSACTIONID`	`RAW(8)`	Identifier of the transaction in which the object is accessed or modified
`RETURNCODE`	`NUMBER`	Oracle error code generated by the action. Zero if the action succeeded.
`SCN`	`NUMBER`	System change number (SCN) of the query
`COMMENT_TEXT`	`VARCHAR2(4000)`	Text comments on standard audit entries. Also indicates how the user was authenticated - the method can be one of the following: DATABASE - authentication was done by password NETWORK - authentication was done by Net8 or the Advanced Networking Option PROXY - the client was authenticated by another user. The name of the proxy user follows the method type.
`AUTH_PRIVILEGES`	`VARCHAR2(16)`	Privileges granted and revoked in `GRANT` and `REVOKE` statements recorded for standard audit trail entry
`GRANTEE`	`VARCHAR2(30)`	User who granted or revoked the privilege
`PRIV_USED`	`NUMBER`	Numerical code of privileges, if any, used in the action
`SES_ACTIONS`	`VARCHAR2(16)`	Session summary for standard audit records. A string of 12 characters, one for each action type, in the following order: Alter, Audit, Comment, Delete, Grant, Index, Insert, Lock, Rename, Select, Update, Flashback. Values: - = None, S=Success, F=Failure, B=Both
`OS_PRIVILEGE`	`VARCHAR2(7)`	Operating privilege (`SYSDBA` or `SYSOPER`), if any, used in the session. If no privilege is used, it will be `NONE`.
`ECONTEXT_ID`	`VARCHAR2(64)`	Application execution context identifier
`SQL_BIND`	`VARCHAR2(4000)`	List of bind variables used in the statement
`SQL_TEXT`	`VARCHAR2(4000)`	The statement or command that triggered the audit event
`OBJECT_EDITION`	`VARCHAR2(30)`	???