C Audit Record Fields

Audit record fields capture data such as target, service, and policy names.

Table C-1 lists the fields in an Oracle AVDF audit record.

Table C-1 Audit Record Fields

Audit Record Field Description Column Type

Target Name

Target system secured by AVDF

VARCHAR(255)

Target Type

Type of target, for example, Microsoft SQL Server, IBM DB2 etc.

VARCHAR2(255)

Service Name

Target service used to perform this event

VARCHAR2 (255 CHAR)

Policy Name

Name of the policy when the event was recorded

VARCHAR2(1024)

Policy Name

From Oracle AVDF 20.3 and later

Name of the policy which caused the event

VARCHAR2(4000 CHAR)

Event Server Time

Time of entry of the audit record in the Audit Vault Server

Timestamp with local timezone

Event Time

Time of event occurrence

Timestamp with local timezone

User Name

Target user that performed the event

VARCHAR2(255)

Event Status

Status of completion of the event

VARCHAR2(30)

Error Code

Error number on event failure

VARCHAR2(30)

Error Message

Error message on event failure

VARCHAR2(1000)

Event Name

Name of the event as recognized by the target

VARCHAR2(255)

Action Taken

Action taken on the command

VARCHAR2(255)

Threat Severity

Threat severity assigned to the command

VARCHAR2(30 CHAR)

Log Cause

Reason for logging the event

NUMBER - Max 22 bytes

Target Object

Object affected by event

VARCHAR2(255)

Target Type

Type of target object, for example, Package, Type, Table

VARCHAR2(255)

Target Owner

Owner of target object

VARCHAR2(255)

Terminal

Name of the terminal (for example, Unix terminal) that was the source of the event

VARCHAR2(255 CHAR)

OS User Name

Operating system login name of the target user causing the event

VARCHAR2(255)

Client Host Name

Name of the host machine

VARCHAR2(255)

Client ID

Client identifier of the user whose actions were audited

VARCHAR2(1024 CHAR)

Client IP

IP address of the Client Host

VARCHAR2(255)

Network Connection

Description of the network connection

VARCHAR2(255)

Client Program

Name of program on Client Host that issued command

VARCHAR2(255)

Command Text

Command statement issued by target user

CLOB Securefile

Command Param

Parameters associated with command text

CLOB

Extension

Additional detailed information about the audited event

CLOB Securefile

Original Content

Audit record generated by target

CLOB Securefile

Command Class

Class of command issued by target user that caused the event

VARCHAR2(255)

Audit Type

Type of auditing

(Oracle AVDF 20.3 and later)

VARCHAR2(255 CHAR)

Application Context

Application context information

(Oracle AVDF 20.3 and later)

VARCHAR2(4000 BYTE)