Configure Auditing and Alerts

You can configure auditing and alerts in Activity Auditing.

Under Data Safe - Database Security, select Activity auditing.
Click Start audit trails.
Select a target database. If the database is not in the displayed compartment, select the correct compartment, and then choose the target database from that compartment.
If you wish to start collecting all the existing audit data in a particular audit trail, select the audit trail check box. Note: only trails that are in a NOT_STARTED or STOPPED state will be displayed as options.
Select a start date. This date will be applied to all trails selected. Note: if a trail is in a STOPPED state, it will resume from when it was stopped, not the new start date.
To review audit volume before starting the audit trail, click Configure auditing and alerts.
Click Start trail(s). The Collection state field shows as COLLECTING when the audit trail is in IDLE, COLLECTING or RECOVERING state. You can view the actual state (sub-state) in the work request details section.

From the Activity Auditing dashboard, you can configure auditing and alerts. This is the workflow.

Under Data Safe - Database Security, select Activity auditing.
Select Configure auditing and alerts.
Select to configure auditing for either an individual target database or a target database group.
Select the compartment for the target database (group).
Select the target database (group).
Select Next.

Note:

Managing alert policies for target database groups is not yet available.

Review the list of currently applied alert policies.
If you'd like to change what alert policies are applied, select Manage alert policies .
1. Select between the predefined and custom alert policies lists.
2. Select or deselect the policies you'd like to apply or remove.
3. Click Update.
Click Next.

Audit policies are now managed through Security Policies.

Review list of currently applied security policies.

Note:
Policies that are pre-selected and grayed out are required.
If you'd like to change what security policies are applied, select Manage security policies.
1. Select between the predefined and custom security policies lists.
2. Select or deselect the policies you'd like to apply or remove. Any policies that are not already deployed, will deploy once you complete the audit wizard.
3. Click Update.
Click Next.

Note:

Managing audit trails for target database groups is not yet available.

Select the audit trail(s) you want to start for the target database (group).
Select a start date. This only applies to audit trail(s) that were not previously started.
(Optional) Select the check box to automatically purge audit data after it has been read by Data Safe.

Note:
The option to automatically purge audit data will apply to all selected audit trails.
(Optional) In the Available audit records section, click Calculate audit records for additional months.
1. The Show number of available audit records window will appear. Select a start date, which will only apply to audit trails that have not been previously started.
2. Click Show.
Click Next.

Specify the number of months the audit records will be stored online in the Data Safe audit repository for immediate reporting and analysis. The minimum is 1 month, and the maximum is 12 months.
Specify the number of months the audit records will be stored offline in the Data Safe audit archive. The minimum is 0 months, and the maximum is 84 months. If you have a requirement to store the audit data even longer in the archive, contact Oracle Support.
Select Paid usage (Audit records > million/month) if you want to continue collecting audit records beyond the free limit of one million audit records per month per target database.
Click Next.

Review and confirm the changes for the target database (group).
The change for Audit Profile will indicate if your selections will override global or target database group settings. Navigate back to the Audit Profile section to change your selections if you don't want to override these settings.
Click Submit.