About Audit Insights
Audit Insights provides you with a more detailed overview of auditing data for your target databases over a specified amount of time. You can use the various key metrics and charts to examine your activity auditing and refine your auditing policies.
Audit Insights compiles information from Activity Auditing to provide you with key metrics and summarized views. Analyzing your top items by audit volume can help you identify what audit policies should be adjusted to improve the overall security of your target databases.
Typical use cases include:
- Identifying the top database(s) from the fleet of monitored targets contributing the most to the audit volume.
- Identifying the audit policies generating the most audit volume across the fleet.
- Identifying the client connections generating the most audit volume across the fleet.
- Identifying if your audit policies are capturing enough database activity on your intended schemas and objects.
- Identifying if your audit policies are enabled on the right set of database users whose activity you want to monitor.
- Identifying if any of the databases in your fleet are generating a large audit volume unintentionally or are not generating enough audit volume to meet security requirements.
- Analyzing audit volume by different filters including time-period and target scope.
Audit Insights provides you with key metrics such as the total number of:
- Targets
- Database users
- Client hosts
- Data definition language (DDL) commands
- User and entitlement changes
- Data manipulation language (DML) commands
- Login failures
- Events
The Audit Insights charts summarize the percentage breakdown by audit volume
for each of the following items:
- Targets
- Audit policies
- Schemas
- Objects
- Database users
- Client hosts
Clicking a section of any chart will display an All Activity report with filters applied based on the selected chart section.