Skip Headers
Oracle® Audit Vault Auditor's Guide
Release 10.2.3
Part Number E11058-01
Home
Book List
Index
Contact Us
Next
View PDF
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introducing Oracle Audit Vault for Auditors
1.1
What Is Oracle Audit Vault?
1.2
General Steps for Using Oracle Audit Vault
1.2.1
Step 1: Ensure That the Source Databases Are Collecting Audit Data
1.2.2
Step 2: Create Audit Policies for Oracle Database Data
1.2.3
Step 3: Optionally, Create and Monitor Alerts
1.2.4
Step 4: View and Customize the Audit Vault Reports
1.3
Database Requirements for Collecting Audit Data
1.3.1
Requirements for Oracle Database
1.3.1.1
Ensuring That Auditing Is Enabled in the Source Database
1.3.1.2
Using Recommended Audit Settings in the Source Database
1.3.2
Requirements for Microsoft SQL Server
1.4
Starting the Audit Vault Console
1.5
Ensuring That the Oracle Audit Vault Collectors Can Collect Data
2
Creating Oracle Audit Vault Policies and Alerts
2.1
About Oracle Audit Vault Policies and Alerts
2.2
Fetching Audit Policy Settings from the Source Oracle Database
2.2.1
Step 1: Retrieve the Audit Settings from the Source Oracle Database
2.2.2
Step 2: Activate (Update) the Fetched Audit Settings State
2.3
Creating Oracle Vault Audit Policies for SQL Statements
2.3.1
About SQL Statement Auditing
2.3.2
Defining a SQL Statement Audit Policy
2.4
Creating Oracle Audit Vault Policies for Schema Objects
2.4.1
About Schema Object Auditing
2.4.2
Defining a Schema Object Audit Policy
2.5
Creating Oracle Audit Vault Policies for Privileges
2.5.1
About Privilege Auditing
2.5.2
Defining a Privilege Audit Policy
2.6
Creating Oracle Audit Vault Policies for Fine-Grained Auditing
2.6.1
About Fine-Grained Auditing
2.6.1.1
Auditing Specific Columns and Rows
2.6.1.2
Using Event Handlers in Fine-Grained Auditing
2.6.2
Defining a Fine-Grained Auditing Policy
2.7
Creating Capture Rules for Redo Log File Auditing
2.7.1
About Capture Rules Used for Redo Log File Auditing
2.7.2
Defining a Capture Rule for Redo Log File Auditing
2.8
Verifying Oracle Audit Vault Policy Settings
2.9
Exporting Oracle Audit Vault Policies to the Source Oracle Database
2.10
Copying Oracle Audit Vault Policies to Other Oracle Databases
2.11
Configuring Alerts
2.11.1
About Alerts
2.11.2
Creating Alerts
2.11.2.1
Creating an Alert Rule
2.11.2.2
Configuring the Basic Alert Condition
2.11.2.3
Configuring the Advanced Alert Condition
2.11.3
Monitoring Alerts
3
Using Oracle Audit Vault Reports
3.1
What Are Oracle Audit Vault Reports?
3.2
Accessing the Oracle Audit Vault Audit Reports
3.3
Using the Default Access Reports
3.3.1
Activity Overview Report
3.3.2
Data Access Report
3.3.3
Database Vault Report
3.3.4
Distributed Database Report
3.3.5
Procedure Executions Report
3.3.6
User Sessions Report
3.4
Using the Default Management Activity Reports
3.4.1
Account Management Report
3.4.2
Audit Commands Report
3.4.3
Object Management Report
3.4.4
Procedure Management Report
3.4.5
Role and Privilege Management Report
3.4.6
System Management Report
3.5
Using the Default System Exception Reports
3.5.1
Exception Report
3.5.2
Invalid Audit Record Report
3.5.3
Uncategorized Activity Report
3.6
Using the Default Compliance Reports
3.6.1
Account and Role Changes - Blocked Report
3.6.2
Account and Role Changes Report
3.6.3
Changes to Audit Report
3.6.4
Data Change Report
3.6.5
DDL Report
3.6.6
Login Failures Report
3.6.7
Login/Logoff Report
3.6.8
Object Access Report
3.6.9
System Events Report
3.7
Using the Critical and Warning Alert Reports
3.7.1
All Alerts Report
3.7.2
Critical Alerts Report
3.7.3
Warning Alerts Report
3.8
Controlling the Display of Data in a Report
3.8.1
About Controlling the Display of Report Data
3.8.2
Hiding or Showing Columns in a Report
3.8.2.1
Hiding the Currently Selected Column
3.8.2.2
Hiding or Showing Any Column
3.8.3
Filtering Data in a Report
3.8.3.1
Filtering All Rows Based on Data from the Currently Selected Column
3.8.3.2
Filtering Column and Row Data
3.8.3.3
Filtering Row Data Using an Expression
3.8.4
Sorting Data in a Report
3.8.4.1
Sorting Row Data for the Currently Selected Column
3.8.4.2
Sorting Row Data for All Columns
3.8.5
Highlighting Rows in a Report
3.8.6
Charting Data in a Report
3.8.7
Adding a Control Break to a Column in a Report
3.8.8
Resetting the Report Display Values to Their Default Settings
3.9
Finding Information About Report Data
3.9.1
Finding Detailed Information About an Audit Record
3.9.2
Finding a Information About the Purpose of a Column
3.10
Working with User-Defined Reports
3.10.1
About User-Defined Reports
3.10.2
Creating a Category for User-Defined Reports
3.10.2.1
Creating a Category Name
3.10.2.2
Alphabetizing the Category Name List
3.10.2.3
Editing Category Names
3.10.3
Creating a User-Defined Report
3.10.4
Accessing a User-Defined Report
3.11
Downloading a Report to a CSV File
A
Oracle Audit Vault Data Warehouse Schema
A.1
About the Oracle Audit Vault Data Warehouse Schema
A.2
Oracle Audit Vault Audit Data Warehouse Architecture
A.3
Design of the Audit Data Warehouse Schema
A.4
How the Fact Table and Dimension Tables Work
A.5
Fact Table Constraints and Indexes
A.6
Relationships Between the Fact and Dimension Tables
A.6.1
AUDIT_EVENT_FACT Fact Table
A.6.2
CLIENT_HOST_DIM Dimension Table
A.6.3
CLIENT_TOOL_DIM Dimension Table
A.6.4
CONTEXT_DIM Dimension Table
A.6.5
EVENT_DIM Dimension Table
A.6.6
PRIVILEGES_DIM Dimension Table
A.6.7
SOURCE_DIM Dimension Table
A.6.8
TARGET_DIM Dimension Table
A.6.9
TIME_DIM Dimension Table
A.6.10
USER_DIM Dimension Table
B
Oracle Database Audit Events
B.1
About the Oracle Database Audit Events
B.2
Account Management Events
B.3
Application Management Events
B.4
Audit Command Events
B.5
Data Access Events
B.6
Oracle Database Vault Events
B.7
Exception Events
B.8
Invalid Record Events
B.9
Object Management Events
B.10
Peer Association Events
B.11
Role and Privilege Management Events
B.12
Service and Application Utilization Events
B.13
System Management Events
B.14
Unknown or Uncategorized Events
B.15
User Session Events
C
Microsoft SQL Server Audit Events
C.1
About the Microsoft SQL Server Audit Events
C.2
Account Management Events
C.3
Application Management Events
C.4
Audit Command Events
C.5
Data Access Events
C.6
Exception Events
C.7
Invalid Record Events
C.8
Object Management Events
C.9
Peer Association Events
C.10
Role and Privilege Management Events
C.11
Service and Application Utilization Events
C.12
System Management Events
C.13
Unknown or Uncategorized Events
C.14
User Session Events
Index
Scripting on this page enhances content navigation, but does not change the content in any way.