This section discusses how to configure audit and alert policies for monitoring Oracle database activities, collecting audit data, and generating alerts on audit events by using the Activity Auditing feature in Oracle Data Safe.
Activity Auditing Overview Activity Auditing lets you audit user activity on your target databases so you can monitor database usage and be alerted of unusual database activities.
Audit Policies An audit policy defines specific events to track in a target database.
Audit Trails An audit trail is a database table that stores audit data. In Oracle Data Safe, audit data collection copies audit data from the database's audit trail into the Oracle Data Safe audit table. You can use the auto purge feature to purge audit records from your target databases.
Alerts and Alert Policies An alert is a message that notifies you when a particular audit event happens on a target database. Alerts are based on the alert policies that you enable in Activity Auditing.
Audit Data Lifecycle Management The audit data retention, archival, and retrieval features help you to manage the quantity of audit data that you store with the Activity Auditing feature.
Activity Auditing Reports An Activity Auditing job generates reports that you can access from the Reports tab. The reports track general database activities, such as audited SQL statements, application access activities, and user login activities, as well as Oracle Data Safe activities.
Service Activity Report Oracle Data Safe administrators can use the Service Activity report to track user activities in Oracle Data Safe.
Add Audit Trails For each target database that you want to collect audit records, you need to add at least one audit trail to Oracle Data Safe. You can add audit trails from the Audit Trails page or while you are working in the Activity Auditing wizard.
Manage Alerts Alerts notify you when particular events occur on your target databases and collect on the Alerts page in the Oracle Data Safe Console. Oracle Data Safe provides ways that you can investigate, monitor, and report on alerts as well as modify the types of alerts generated.