View and Manage Audit Profiles

You can view audit profiles for target databases and target database groups, update them, compute audit volume with them, move them to different compartments, and add tags to them.

Audit Profile Details

You can view the following information in an audit profile for a target database:

• Profile name (editable)
• Target database to which the audit profile belongs
• Profile description (editable)
• Profile Oracle Cloud Identifier (OCID)
• When the audit profile was created and last updated
• Compartment in which the audit profile resides. This is always the same compartment to which the target database was registered.
• Whether the option to override any, global or target group, paid usage setting is selected.
• Whether paid usage is selected and the source of this setting (global, target group, or individual target). If the setting is from the individual target there will be no source listed.
• Whether the option to override any, global or target group, retention period is selected.
• Online and offline retention periods and the source of this setting (global, target group, or individual target). If the setting is from the individual target there will be no source listed.
• Audit volume (number of audit records collected by Oracle Data Safe from the target database that are applied to the current month's billing cycle)
• Available audit trail locations

  Note:

  For Active Data Guard associated target databases, you will see:

  • A UNIFIED_AUDIT_TRAIL collecting records from the AUDSYS.AUD$UNIFIED table of the primary database. For example, TABLE:PRIMARY.
  • A UNIFIED_AUDIT_TRAIL collecting audit records from the operating system spillover files of the primary database. For example, FILE:database_unique_name1.
  • A UNIFIED_AUDIT_TRAIL collecting audit records from the operating system spillover files of each peer database that is registered. For example, FILE:database_unique_name2.

  You can distinguish the UNIFIED_AUDIT_TRAIL that point to the operating system spillover files by the associated database unique name.
• Tags
• Monthly available data in the target database
• Monthly collected online audit data in Oracle Data Safe
• Monthly collected offline audit data in Oracle Data Safe

You can view the following information in an audit profile for a target database group:

• Profile name (editable)
• Target database group to which the audit profile belongs
• Profile description (editable)
• Profile Oracle Cloud Identifier (OCID)
• When the audit profile was created and last updated
• Compartment in which the audit profile resides.
• Whether paid usage is selected
• Online and offline retention periods
• The list of target databases whose retention periods and/or paid usage settings deviate from the target database group
• Tags

View an Audit Profile for a Target Database

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. (Optional) Under Filters, select a target database from the Target databases list to narrow the scope of displayed metrics.
4. Click on an audit profile for either an individual target database or target database group.
5. On the Audit Profile Details tab, view information about the audit profile.

Note:

You can also discover new audit trails for a target database from the Audit Profiles Details page. See Discover Audit Trails for a Target Database

Update the Name and Description of an Audit Profile

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. (Optional) Under Filters, select a target database from the Target databases list to narrow the scope of displayed metrics.
4. Click on an audit profile for either an individual target database or target database group.
5. To change the name of the audit profile, click the pencil icon next to the profile name and then enter the new name.
6. To change the description of the audit profile, click the pencil icon next to the profile description, edit the description and click the save icon.

Override Global Retention Period for a Target Database

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. Click on an audit profile for either an individual target database or target database group.
4. Click Update Retention. The Update Retention dialog box is displayed.
5. Select Yes at Do you want to override the global retention settings?.
   Your configuration for a target group will override the global retention policy settings. Your configuration for an individual database will override the retention settings for a target group, if applicable, or the global retention policy settings.

   Note:

   If a target database is a part of more than one target database group, then the longest retention setting will be used for the target, unless overridden at the target database level. This could lead to online and offline retention settings coming from different target group audit profiles.
6. For Online Retention, enter the number of months you want to store audit data online for immediate analysis.
7. For Offline Retention, enter the number of months that you want to store audit data offline.
8. (Optional) Depending on how much audit data you have, there may be additional costs. Click the Pricing Details link to learn more.
9. Click Update Retention.

Compute Available Audit Volume on a Target Database

You can query and view the monthly number of audit records collected on your target database from a particular date and time. It is possible to show audit records available in the target database. but not collected yet in Oracle Data Safe. Knowing how many audit records exist on your target database and when the records were generated can help you to determine when to start collecting audit records in Oracle Data Safe and manage the billing.

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. On the right, click the name of your target database. The audit profile for the selected target database is displayed.
4. Scroll down to the Compute Audit Volume section.
5. Click Available on Target Database. The Compute Available Volume dialog box is displayed.
6. For Select Start Date, click the box and configure a start date and time from which you want to view the available volume. Oracle Data Safe will list the audit records collected on your target database for each month following the date that you set here.
7. Click Compute. The number of audit records collected on your target database is updated next to each audit trail. For example, you might see a value like 0.4M next to UNIFIED_AUDIT_TRAIL, which means there are 0.4 million individual audit records collected in the UNIFIED_AUDIT_TRAIL on your target database.
   For Active Data Guard associated target databases, you will see:

   • A UNIFIED_AUDIT_TRAIL collecting records from the AUDSYS.AUD$UNIFIED table of the primary database. For example, TABLE:PRIMARY.
   • A UNIFIED_AUDIT_TRAIL collecting audit records from the operating system spillover files of the primary database. For example, FILE:database_unique_name1.
   • A UNIFIED_AUDIT_TRAIL collecting audit records from the operating system spillover files of each peer database that is registered. For example, FILE:database_unique_name2.

   You can distinguish the UNIFIED_AUDIT_TRAIL that point to the operating system spillover files by the associated database unique name.

Compute Collected Audit Volume for a Target Database

You can query and view the monthly number of audit records collected by Oracle Data Safe for your target database for a specific time period.

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. On the right, click the name of your target database. The audit profile for the selected target database is displayed.
4. Scroll down to the Compute Audit Volume section.
5. Click Compute Collected Volume. The Compute Collected Volume dialog box is displayed.
6. For Start Month, configure a start month from which you want to view the number of audit records.
7. For End Month, configure an end month.
8. Click Compute. The number of audit records collected by Oracle Data Safe is updated in the Collected in Data Safe (Online) column in the table.

Override Global Paid Usage for a Target Database

You can choose to collect or not collect audit records beyond the free limit of one million audit records per month per target database and target database group. Additional charges may apply. By default, target database groups will inherit the global paid usage settings, but this can be overridden for the group. Additionally, individual target databases can override the target group paid usage settings. If target databases are not part of a target database group, then they will inherit the global paid usage settings, but this can be overridden as well.

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. Click on an audit profile for either an individual target database or target database group.
4. Click Update Paid Usage. The Update Paid Usage dialog box is displayed.
5. Select Yes at Do you want to override the global paid usage settings?.

   Note:

   If a target database is a part of more than one target database group, if any of the target groups specify to use paid usage, then a target database will use paid usage unless overridden at the target database level.
6. Select or deselect Paid Usage.
7. Click Update Paid Usage.

Move an Audit Profile

1. Under Security center, click Activity auditing.
2. Under Related resources, click Audit profiles.
3. Click on an audit profile for either an individual target database or target database group.
4. Click Move resource. The Move resource dialog box is displayed.
5. From the drop-down list, select a destination compartment.
6. Click Move resource. The audit profile is moved immediately.

Add Tags to an Audit Profile

1. Under Security Center, click Activity Auditing.
2. Under Related Resources, click Audit Profiles.
3. Click on an audit profile for either an individual target database or target database group.
4. Click Add Tags. The Add Tags dialog box is displayed.
5. Configure one or more tags, and then click Add Tags.