Audit Insights

Audit Insights provides more detailed information about auditing data including the targets, objects, schemas, and users that produce the most activity.

About Audit Insights

Audit Insights provides you with a more detailed overview of auditing data for your target databases over a specified amount of time. You can use the various key metrics and charts to examine your activity auditing and refine your auditing policies.

Audit Insights compiles information from Activity Auditing to provide you with key metrics and summarized views. Analyzing your top items by audit volume can help you identify what audit policies should be adjusted to improve the overall security of your target databases.

Typical use cases include:
  • Identifying the top database(s) from the fleet of monitored targets contributing the most to the audit volume.
  • Identifying the audit policies generating the most audit volume across the fleet.
  • Identifying the client connections generating the most audit volume across the fleet.
  • Identifying if your audit policies are capturing enough database activity on your intended schemas and objects.
  • Identifying if your audit policies are enabled on the right set of database users whose activity you want to monitor.
  • Identifying if any of the databases in your fleet are generating a large audit volume unintentionally or are not generating enough audit volume to meet security requirements.
  • Analyzing audit volume by different filters including time-period and target scope.
Audit Insights provides you with key metrics such as the total number of:
  • Targets
  • Database users
  • Client hosts
  • Data definition language (DDL) commands
  • User and entitlement changes
  • Data manipulation language (DML) commands
  • Login failures
  • Events
The Audit Insights charts summarize the percentage breakdown by audit volume for each of the following items:
  • Targets
  • Audit policies
  • Schemas
  • Objects
  • Database users
  • Client hosts

View Audit Insights

  1. Under Data Safe - Database Security, select Activity auditing.
  2. Under Activity Auditing, select Audit Insights.

    The Audit Insights page displays key metrics and charts summarizing the percentage that the top ten individual resources make up of the audit volume of the top ten resources of a resource type.

    Each chart provides a legend for the resources included in the chart. At the end of each resource name is the target database that this resource is associated with. This can be seen by hovering over the resource name if not immediately visible.

  3. (Optional) Deselect one or more individual resources from the legend of each chart to analyze the remaining resources by audit volume.
  4. (Optional) Under Applied filters, select the compartment that contains your target database. Optionally select Include child compartments to include target database in the list from child compartments.
  5. (Optional) Under Applied filters select a time period from the Time period list to narrow the scope of displayed metrics and charts.
  6. (Optional) Select Add filters to apply target database or target database group filters.