Reference for Data Safe
This guide lists the predefined objects in OCI Resource Analytics for the Data Safe service. You can find information about views, entity relationships, subject areas and sample queries.
Views
This section provides information about views within OCI Resource Analytics Data Safe and their columns, data types, keys, and the referred view and column names. The following views are available:
| Name | Description |
|---|---|
| DATA_SAFE_ALERT_POLICY_DIM_V | This view stores information about an Alert Policy, which is a set of alerting rules evaluated against a target. |
| DATA_SAFE_ATTRIBUTE_SET_DIM_V | This view stores information about an attribute set, which is a collection of data attributes defined by the user. i.e an attribute set of ip addresses, os user names or database privileged users. |
| DATA_SAFE_AUDIT_ARCHIVE_RETRIEVAL_DIM_V | This view stores information about the archive retrieve request for the audit data. You can retrieve audit data for a target database from the archive and store it online. |
| DATA_SAFE_AUDIT_POLICY_DIM_V | This view stores information about all available audit policies relevant for the target database with their corresponding audit conditions. The audit policies could be in any one of the following 3 states in the target database 1) Created and enabled 2) Created but not enabled 3) Not created. |
| DATA_SAFE_AUDIT_PROFILE_DIM_V | This view stores information about audit profile settings and audit configurations for the database target, and helps evaluate the initial audit data volume for configuring collection in Data Safe. The resource is also responsible for auto discovery of audit trails in the database target during targets registration. |
| DATA_SAFE_AUDIT_TRAIL_DIM_V | This view stores information about an audit trail, which represents the source of audit records that provides documentary evidence of the sequence of activities in the target database. Configuring audit trails in Data Safe, and enabling audit data collection on the audit trails copies the audit records from the target databases audit trail into the Data Safe repository. |
| DATA_SAFE_DATABASE_SECURITY_CONFIG_DIM_V | This view stores information about the target database configurations. |
| DATA_SAFE_DISCOVERY_JOB_DIM_V | This view stores information about a data discovery job. It helps track job's metadata as well as result statistics. |
| DATA_SAFE_LIBRARY_MASKING_FORMAT_DIM_V | This view stores information about a library masking format, which is stored in an Oracle Cloud Infrastructure compartment and can be used in multiple masking policies. If you want to use the same masking logic for multiple masking columns or even in multiple masking policies, you can create a library masking format and assign it to masking columns as needed. It helps you avoid defining the same masking logic again and again. |
| DATA_SAFE_MASKING_POLICY_DIM_V | This view stores information about a masking policy, which defines the approach to mask data in a target database. |
| DATA_SAFE_MASKING_POLICY_HEALTH_REPORT_DIM_V | This view stores information about the masking policy health report. |
| DATA_SAFE_MASKING_REPORT_DIM_V | This view stores information about a masking report, which contains information about a completed masking request. It includes details such as the target database masked, masking policy used, masking start and finish time, total number of schemas, tables, columns and values masked, masked columns, and the masking formats used. |
| DATA_SAFE_ON_PREM_CONNECTOR_DIM_V | This view stores information about a Data Safe on-premises connector that enables Data Safe to connect to on-premises databases. |
| DATA_SAFE_PRIVATE_ENDPOINT_DIM_V | This view stores information about a Data Safe private endpoint that allows Data Safe to connect to databases in a customers virtual cloud network (VCN). |
| DATA_SAFE_REPORT_DIM_V | This view stores information about the description of the report. |
| DATA_SAFE_REPORT_DEFINITION_DIM_V | This view stores information about the report definition. |
| DATA_SAFE_SDM_MASKING_POLICY_DIFFERENCE_DIM_V | This view stores information about a resource that tracks the differences between sensitive columns in the sensitive data model and masking columns in the masking policy. |
| DATA_SAFE_SECURITY_ASSESSMENT_DIM_V | This view stores information about a security assessment that provides an overall insight into your database security posture. |
| DATA_SAFE_SECURITY_POLICY_DIM_V | This view stores information about all the security policies in Data Safe. |
| DATA_SAFE_SECURITY_POLICY_CONFIG_DIM_V | This view stores information about the common configurations corresponding to the associated security policy. |
| DATA_SAFE_SECURITY_POLICY_DEPLOYMENT_DIM_V | This view stores information about the state of the deployment of a security policy on a target. |
| DATA_SAFE_SECURITY_POLICY_REPORT_DIM_V | This view stores information about the security policy report. |
| DATA_SAFE_SENSITIVE_DATA_MODEL_DIM_V | This view stores information about a sensitive data model, which is a collection of sensitive columns and their referential relationships. |
| DATA_SAFE_SENSITIVE_TYPE_DIM_V | This view stores information about sensitive types, which define a particular type or class of sensitive data. |
| DATA_SAFE_SENSITIVE_TYPE_GROUP_DIM_V | This view stores information about the details of the sensitive type group. |
| DATA_SAFE_SENSITIVE_TYPES_EXPORT_DIM_V | This view stores information about the sensitive types to be exported in Data Safe. |
| DATA_SAFE_SQL_FIREWALL_POLICY_DIM_V | This view stores information about the SQL Firewall policy resource contained in the firewall policy metadata for a single user. |
| DATA_SAFE_TARGET_ALERT_POLICY_ASSOCIATION_DIM_V | This view stores information about the association of the target database to an alert policy. |
| DATA_SAFE_TARGET_DATABASE_DIM_V | This view stores information about the details of the Data Safe target database. |
| DATA_SAFE_TARGET_DATABASE_GROUP_DIM_V | This view stores information about the details of the target database group including matching criteria. Used for a single resource retrieval. |
| DATA_SAFE_UNIFIED_AUDIT_POLICY_DIM_V | This view stores information about a single unified audit policy on the target database. |
| DATA_SAFE_UNIFIED_AUDIT_POLICY_DEFINITION_DIM_V | This view stores information about a single unified audit policy definition. |
| DATA_SAFE_USER_ASSESSMENT_DIM_V | This view stores information about the user assessment, which includes statistics related to target database users. |
| DATA_SAFE_AUDIT_PROFILE_FACT_V | Fact table for Data Safe audit profiles, capturing audit collection and retention posture. |
| DATA_SAFE_AUDIT_TRAIL_FACT_V | Fact table for Data Safe audit trails, capturing audit collection source and collection state. |
| DATA_SAFE_DISCOVERY_JOB_FACT_V | Fact table for Data Safe sensitive data discovery jobs. |
| DATA_SAFE_MASKING_POLICY_HEALTH_REPORT_FACT_V | Fact table for Data Safe masking policy health reports, including warning and error counts. |
| DATA_SAFE_SECURITY_ASSESSMENT_FACT_V | Fact table for Data Safe security assessments, capturing assessment scheduling and baseline drift. |
| DATA_SAFE_TARGET_DATABASE_FACT_V | Fact table for Data Safe target databases, the primary protected database grain. |
| DATA_SAFE_USER_ASSESSMENT_FACT_V | Fact table for Data Safe user assessments, capturing scheduling and baseline drift for database user risk. |
The suffixes in the view names designate the view type:
- FACT_V: Fact
- DIM_V: Dimension
The contents of each view and their relationships are listed in the following file: Data Safe views.
Each tab in the Excel spreadsheet contains the details of a view.
Relationship Diagram
This section provides diagrams that define the logical relationship of a fact table with different dimension tables.
These diagrams show the relationship of the Data Safe fact view with different dimension views.







Relationships exist among dimensions. Dimensions can be joined directly to each other. This diagram shows the relationship between dimension views.























Sample Queries
Sample queries for Data Safe.
List the number of audit profiles associated with each target ID.
SELECT
TARGET_ID,
COUNT(AUDIT_PROFILE_ID) AS AUDIT_PROFILE_COUNT
FROM OCIRA.DATA_SAFE_AUDIT_PROFILE_FACT_V F
GROUP BY TARGET_ID;List the number of audit trails associated with each audit profile ID.
SELECT
AUDIT_PROFILE_ID,
COUNT(AUDIT_TRAIL_ID) AS AUDIT_TRAIL_COUNT
FROM OCIRA.DATA_SAFE_AUDIT_TRAIL_FACT_V F
GROUP BY AUDIT_PROFILE_ID;List the number of discovery jobs associated with each target ID.
SELECT
TARGET_ID,
COUNT(DISCOVERY_JOB_ID) AS DISCOVERY_JOB_COUNT
FROM OCIRA.DATA_SAFE_DISCOVERY_JOB_FACT_V F
GROUP BY TARGET_ID;List the number of masking policy health reports associated with each masking policy ID.
SELECT
MASKING_POLICY_ID,
COUNT(MASKING_POLICY_HEALTH_REPORT_ID) AS MASKING_POLICY_HEALTH_REPORT_COUNT
FROM OCIRA.DATA_SAFE_MASKING_POLICY_HEALTH_REPORT_FACT_V F
GROUP BY MASKING_POLICY_ID;List the number of security assessments associated with each target database group ID.
SELECT
TARGET_DATABASE_GROUP_ID,
COUNT(SECURITY_ASSESSMENT_ID) AS SECURITY_ASSESSMENT_COUNT
FROM OCIRA.DATA_SAFE_SECURITY_ASSESSMENT_FACT_V F
GROUP BY TARGET_DATABASE_GROUP_ID;List active target databases.
SELECT
TARGET_DATABASE_ID,
DISPLAY_NAME,
LIFECYCLE_STATE
FROM OCIRA.DATA_SAFE_TARGET_DATABASE_FACT_V F
WHERE LIFECYCLE_STATE = 'ACTIVE';List the number of user assessments associated with each target database group ID.
SELECT
TARGET_DATABASE_GROUP_ID,
COUNT(USER_ASSESSMENT_ID) AS USER_ASSESSMENT_COUNT
FROM OCIRA.DATA_SAFE_USER_ASSESSMENT_FACT_V F
GROUP BY TARGET_DATABASE_GROUP_ID;Data Lineage
The Customer Experience Semantic Model Lineage spreadsheet and Metric Calculation Logic spreadsheet for Data Safe provide an end-to-end data lineage summary report for physical and logical relationships in your data.
For more information, see Data Lineage.
Subject Areas
This section provides information on the subject areas with data you maintain in Data Safe. These subject areas, with their corresponding data, are available for you to use when creating and editing analyses and reports. The information for each subject area includes:
Description of the subject area.
Business questions that can be answered by data in the subject area, with a link to more detailed information about each business question.
Job-specific groups and duty roles that can be used to secure access to the subject area, with a link to more detailed information about each job role and duty role.
Primary navigation to the work area that's represented by the subject area.
Time reporting considerations in using the subject area, such as whether the subject area reports historical data or only the current data. Historical reporting refers to reporting on historical transactional data in a subject area. With a few exceptions, all dimensional data are current as of the primary transaction dates or system date.
The lowest grain of transactional data in a subject area. The lowest transactional data grain decides how data are joined in a report.
Special considerations, tips, and things to look out for in using the subject area to create analyses and reports.
Useful Resources
Oracle Cloud Infrastructure Documentation / API Reference
- Oracle Cloud Infrastructure Data Safe Documentation
- AlertPolicy Reference
- AlertPolicy Reference
- AttributeSet Reference
- AuditArchiveRetrieval Reference
- AuditPolicy Reference
- AuditProfile Reference
- AuditTrail Reference
- DatabaseSecurityConfig Reference
- DataSafePrivateEndpoint Reference
- DiscoveryJob Reference
- LibraryMaskingFormat Reference
- MaskingPolicy Reference
- MaskingPolicyHealthReport Reference
- MaskingReport Reference
- OnPremConnector Reference
- Report Reference
- ReportDefinition Reference
- SdmMaskingPolicyDifference Reference
- SecurityAssessment Reference
- SecurityPolicy Reference
- SecurityPolicyConfig Reference
- SecurityPolicyDeployment Reference
- SecurityPolicyReport Reference
- SensitiveDataModel Reference
- SensitiveType Reference
- SensitiveTypeGroup Reference
- SensitiveTypesExport Reference
- SqlFirewallPolicy Reference
- TargetAlertPolicyAssociation Reference
- TargetDatabase Reference
- TargetDatabaseGroup Reference
- UnifiedAuditPolicy Reference
- UnifiedAuditPolicyDefinition Reference
- UserAssessment Reference