View and Manage Audit Policies

You can view and provision audit policies, update the list of available audit policies, update users and roles for audit policies, move audit policies to different compartments, and add tags to audit policies.

Audit Policy Details

Each Oracle Data Safe audit policy stores the following details:

  • Policy name
  • Target database to which the audit policy belongs
  • Policy description
  • Policy Oracle Cloud Identifier (OCID)
  • Compartment in which the audit policy resides
  • Details for basic, admin, user, custom, compliance, and predefined policies. A green circle means that the policy is enabled. A grey circle means that the policy is disabled. A statement indicates whether the policy is enabled for all users, specific users, and/or roles.

View an Audit Policy

  1. Under Security Center, click Activity Auditing.
  2. Under Related Resources, click Audit Policies.
  3. On the right, click the name of the target database for which you want to view the audit policy.
    The Audit Policies Details page is displayed.
  4. On the Audit Policy Details tab, view policy details.
    • A green circle means that the policy is enabled.
    • A grey circle means that the policy is disabled.
    • A statement indicates whether the policy is enabled for all users, specific users, and/or roles.

Provision or Disable Audit Policies on a Target Database

For database version-related limitations, please see Supported Target Databases.

  1. Under Security Center, click Activity Auditing.
  2. Under Related Resources, click Audit Policies.
  3. On the right, click the name of your target database on which you want to provision an audit policy.
    The Audit Policies Details page is displayed.
  4. Click Provision.
    The Provision Audit Policies panel is displayed.
  5. Note the Data Safe User Activity Excluded option on this page. If selected, then Oracle Data Safe user activity is not audited in this policy.

    Note:

    Exclusion will fail for the following instances:
    • RDBMS mandatory auditing
    • Compliance policies, such as STIG and CIS
    • Any custom audit policies that are provisioned exclusively on the Data Safe user
    • Any audit policies that audit a role that is already assigned to the Data Safe user
    • Audit records generated by a traditional audit trail
  6. Select the audit policies that you want to provision on the target database. Deselect audit policies that you want to disable.
  7. (Optional) Configure the audit policy for specific users or roles:
    1. Click the Enabled for all users or Enabled for specific users and/or roles link.
      The Configure Policy window is displayed.
    2. Select one of the following options. The options in the dialog box change according to your selection.
      • All users
      • Only a specific set of users and/or roles
      • All users except a specific set of users
    3. If you selected All users, then for Audit when operations, select Success, Failure, or Success or Failure.
    4. If you selected Only a specific set of users and/or roles, click Add Users/Roles.
      If you add the Data Safe service account user, then the Data Safe User Activity Excluded selection is overridden and the activity of the Data Safe service account is audited.
    5. If you selected All users except a specific set of users,
    6. Click Save.
  8. Click Provision.
    The selected audit policies are enabled on your target database.

    Note:

    You cannot provision a custom audit policy.

Retrieve the Latest Audit Policies for a Target Database

You can retrieve the latest audit policies for a target database at any time. This is helpful if new custom policies were added to your target database and you want to enable or disable them through Oracle Data Safe. Or, if audit policies were provisioned from a REST API or SDK CLI, you can retrieve the policies in Oracle Data Safe to view which ones are enabled.

For database version-related limitations, please see Supported Target Databases.

  1. Under Security Center, click Activity Auditing.
  2. Under Related Resources, click Audit Policies.
  3. On the right, click the name of your target database.
    The Audit Policies Details page is displayed.
  4. Click Retrieve.
    The list of audit policies is updated on the page.

Update Users and Roles for Audit Policies

From the audit policy page for a target database, you can update the users and roles configured for provisioned audit policies.

  1. Under Security Center, click Activity Auditing.
  2. Under Related Resources, click Audit Policies.
  3. On the right, click the name of your target database.
    The Audit Policies Details page is displayed.
  4. For the audit policy for which you want to configure users, click View Details.
    The Configure Policy panel is displayed.
  5. (Optional) If the roles on the target database have been updated since the stated time and date, click Refresh Database Roles.
  6. Select one of the following options. All three options may not be available for every audit policy.
    • All users
    • Only a specific set of users and/or roles
    • All users except a specific set of users
  7. If you selected All users, then for Audit when operations, select Success, Failure, or Success or Failure.
  8. If you selected Only a specific set of users and/or roles, click Add Users/Roles, and then do the following in the Inclusion Criteria section:
    1. From the first drop-down list, select Users or Roles.
    2. From the second drop-down list, select users or roles (one at a time).
    3. From the third drop-down list, select an operation status (Success, Failure, or Success or Failure).
    4. Click Add.
    5. Repeat substeps 1 through 4 to add additional users and/or roles.
  9. If you selected All users except a specific set of users, do the following in the Exclusion Criteria section:
    1. From the first drop-down list, select users to exclude (one at a time).
    2. From the second drop-down list, select an operation status (Success, Failure, or Success or Failure).
  10. Click Update and Provision.
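
A review of the choices made in the Configure Policy panel, as an added example that is not Oracle's code: it takes policy settings transcribed from the Audit Policy Details tab into a hypothetical schema and lists the resulting audit coverage gaps, including the case where adding the Data Safe service account overrides Data Safe User Activity Excluded. The field names, policy names, and the DS_SVC account are constructed for illustration.

```python
# Added example. Hypothetical schema: settings hand-copied from the Audit Policy
# Details tab; this is not the Data Safe API format. All names are constructed.
ALL, ONLY, EXCEPT = "All users", "Only specific users/roles", "All users except"
BOTH = "Success or Failure"

SAMPLE = [
    {"name": "basic-1", "enabled": True, "scope": ALL, "status": BOTH},
    {"name": "basic-2", "enabled": True, "scope": ALL, "status": "Success"},
    {"name": "admin-1", "enabled": True, "scope": EXCEPT,
     "entries": [{"type": "User", "name": "APP_DBA", "status": BOTH}]},
    {"name": "user-1", "enabled": True, "scope": ONLY,
     "entries": [{"type": "User", "name": "DS_SVC", "status": "Failure"},
                 {"type": "Role", "name": "APP_RW", "status": BOTH}]},
    {"name": "compliance-1", "enabled": False, "scope": ALL, "status": BOTH},
]

def review(policies, datasafe_user, datasafe_excluded):
    """Return (policy name, finding) pairs describing audit coverage gaps."""
    findings = []
    for p in policies:
        name, entries = p["name"], p.get("entries", [])
        if not p["enabled"]:
            findings.append((name, "disabled (grey circle)"))
            continue
        if p["scope"] == ALL:
            if p["status"] != BOTH:
                findings.append((name, f"all users audited on {p['status']} only"))
            continue
        for e in entries:
            who = f"{e['type'].lower()} {e['name']}"
            if p["scope"] == EXCEPT:
                findings.append((name, f"{who} is excluded from this policy"))
            elif e["status"] != BOTH:
                findings.append((name, f"{who} audited on {e['status']} only"))
        if p["scope"] == ONLY:
            findings.append((name, "accounts outside the inclusion list are not audited"))
            # Per the provisioning note: listing the service account re-enables its auditing.
            listed = {e["name"] for e in entries if e["type"] == "User"}
            if datasafe_excluded and datasafe_user in listed:
                findings.append((name, "Data Safe User Activity Excluded is overridden"))
    return findings

if __name__ == "__main__":
    for policy, finding in review(SAMPLE, "DS_SVC", datasafe_excluded=True):
        print(f"{policy}: {finding}")
```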

Move an Audit Policy to a Different Compartment

  1. Under Security center, click Activity auditing.
  2. Under Related resources, click Audit policies.
  3. On the right, click the name of your target database.
    The Audit policy information page is displayed.
  4. Click Move resource.
    The Move resource dialog box is displayed.
  5. From the drop-down list, select a destination compartment.
  6. Click Move resource.
    The audit policy is immediately moved to the specified compartment.

Add Tags for an Audit Policy

  1. Under Security Center, click Activity Auditing.
  2. Under Related Resources, click Audit Policies.
  3. On the right, click the name of your target database.
    The Audit Policies Details page is displayed.
  4. Click Add Tags.
    The Add Tags dialog box is displayed.
  5. Configure one or more tags, and then click Add Tags.