O Oracle ACFS Audit Events
Oracle ACFS audit events include events such as ACFS_SEC_PREPARE
and ACFS_SEC_REALM_CREATE
.
Note:
Oracle Automatic Storage Management Cluster File System (Oracle ACFS) or Oracle Advanced Cluster File System was deprecated in Oracle AVDF release 20.7 and is desupported in 20.8.This appendix maps audit event names used in the Oracle ACFS to their equivalent values in the Source Event, Command Class, Target Object, Associate Object fields and the Status of the event occurred on target object in the Oracle Audit Vault and Database Firewall audit record.
Target Object can be either a Security Object, for example: Realm, Rules, Rulesets, and so on, or, a File System Object like File or Dir.
Event or Command Class can be of the following types.
-
For security objects
CREATE
,MODIFY
,DELETE
and so on. For example, if a realm is getting created, realm is target object andACFS_SEC_REALM_CREATE
is the event which is being mapped to the command classCREATE
(selected from a set given by Oracle Audit Vault and Database Firewall). -
For file system objects
READ
,WRITE
,OPEN
,DELETE
and so on. For example, if a file is being read, file is target object, andACFS_EVENT_READ_OP
is event which is being mapped to command classREAD
(selected from set given by Oracle Audit Vault and Database Firewall).
Associate Objects are the objects which are associated while an event is performed on a Target Object. For example, in Security commands where we add files to the realm as follows: Target object- realm, Event- ACFS_SEC_REALM_ADD
(MODIFY
), Associate object- file. Another example would be where a file is being read by a user: Target object- file, Event- ACFS_AUDIT_READ_OP
(READ
), Associate objects- realms.
The Status column specifies whether the command class executed on the target object succeeded or not.
See Also:
Oracle Audit Vault and Database Firewall Database Schemas for Oracle Audit Vault and Database Firewall data warehouse details that may be useful in designing your own reports.
Table O-1 lists the Oracle ACFS Security Objects audit events and the equivalent Oracle Audit Vault and Database Firewall events.
Table O-1 Oracle ACFS Security Objects Audit Events
Source Event | Command Class | Target Object | Associate Objects | Status |
---|---|---|---|---|
|
|
Mount Point |
Security |
|
|
|
Realm name |
None |
|
|
|
Realm name |
None |
|
|
|
Realm name |
|
|
|
|
Realm name |
|
|
|
|
Ruleset name |
None |
|
|
|
Ruleset name |
None |
|
|
|
Ruleset name |
Rulename |
|
|
|
Rule name |
None |
|
|
|
Rule name |
None |
|
|
|
Rule name |
None |
|
|
Realm/Ruleset/Rule name |
Mntpt1/Mntpt2 |
|
|
|
|
Mount Point |
None |
|
|
|
Mount Point |
None |
|
|
|
Mount Point |
AES-128/192/256 |
|
|
|
Mount Point |
AES-128/192/256 |
|
|
|
MountPoint |
Encryption |
|
|
|
Mount Point |
Encryption |
|
|
|
File name |
AES-128/192/256 |
|
|
|
File name |
None |
|
|
|
File name |
None |
|
|
|
Mount Point |
Audit |
|
|
|
Mount Point |
Audit |
|
|
|
Mount Point |
Audit trail |
|
|
|
Mount Point |
Audit trail |
|
|
|
Mount Point |
Audit trail |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
|
|
Acfsutil command |
None |
|
Table O-2 lists the Oracle ACFS File System Objects audit events and the equivalent Oracle Audit Vault and Database Firewall events.
Table O-2 Oracle ACFS File System Objects Audit Events
Source Event | Command Class | Target Object | Associate Objects | Status |
---|---|---|---|---|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
Directory name |
Realms and command rules |
|
|
|
Directory name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name |
Realms and command rules |
|
|
|
File name/Directory name |
Realms and command rules |
|
|
|
File name/Directory name |
Realms and command rules |
|
|
|
File name/Directory name |
Realms and command rules |
|
|
|
File name/Directory name |
Realms and command rules |
|
|
|
File name/Directory name |
Realms and command rules |
|