G How the Unified Auditing Migration Affects Individual Audit Features

Most of the pre-Oracle Database 12c release 1 (12.1) auditing features can be used before a unified auditing migration.

Table G-1 describes how the pre-Oracle Database 12c audit features change in the migration.

Table G-1 Availability of Unified Auditing Features Before and After Migration

Feature Availability in Pre-Migrated Environment Availability in Post-Migrated Environment

General Auditing Features

-

-

Operating system audit trail

Yes

No

XML file audit trail

Yes

No

Network auditing

Yes

No

The ability of users to audit and to removing auditing from their own schema objects

Yes

No

Mandatory auditing of audit administrative actions

No

Yes

Auditing Roles

-

-

AUDIT_ADMIN

Yes, but not needed for users who want to audit their own objects, nor for users who already have the ALTER SYSTEM privilege and want to change the auditing initialization parameters

Yes

AUDIT_VIEWER

Yes

Yes

System Tables

-

-

SYS.AUD$

Yes

Yes, but will only have pre-unified audit records

SYS.FGA_LOG$

Yes

Yes, but will only have pre-unified audit records

Initialization Parameters

-

-

AUDIT_TRAIL

Yes

Yes, but will not have any effect

AUDIT_FILE_DEST

Yes

Yes, but will not have any effect

AUDIT_SYS_OPERATIONS

Yes

Yes, but will not have any effect

AUDIT_SYSLOG_LEVEL

Yes

Yes, but will not have any effect

Data Dictionary Views Foot 1

-

-

ALL_AUDIT_POLICIES

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

DBA_AUDIT_POLICIES

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

DBA_AUDIT_POLICY_COLUMNS

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

DBA_COMMON_AUDIT_TRAIL

Yes

Yes, but will only have pre-unified audit records

DBA_AUDIT_EXISTS

Yes

Yes

DBA_AUDIT_OBJECT

Yes

Yes

DBA_AUDIT_POLICIES

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

DBA_AUDIT_POLICY_COLUMNS

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

DBA_AUDIT_SESSION

Yes

Yes, but will only have pre-unified audit records

DBA_AUDIT_STATEMENT

Yes

Yes, but will only have pre-unified audit records

DBA_AUDIT_TRAIL

Yes

Yes, but will only have pre-unified audit records. The RLS_INFO column captures audited Oracle VPD predicates.

DBA_FGA_AUDIT_TRAIL

Yes

Yes, but will only have pre-unified audit records. The RLS_INFO column captures audited Oracle VPD predicates.

DBA_OBJ_AUDIT_OPTS

Yes

Yes

DBA_PRIV_AUDIT_OPTS

Yes

Yes

DBA_STMT_AUDIT_OPTS

Yes

Yes

UNIFIED_AUDIT_TRAIL

Yes, but does not collect any audit records

Yes, and collects audit records

USER_AUDIT_OBJECT

Yes

Yes

USER_AUDIT_POLICY_COLUMN

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

USER_AUDIT_POLICIES

Yes

Yes, but only if fine-grained audit policies are created using the DBMS_FGA PL/SQL package

USER_AUDIT_SESSION

Yes

Yes

USER_AUDIT_STATEMENT

Yes

Yes

USER_AUDIT_TRAIL

Yes

Yes, but will only have pre-unified audit records

USER_OBJ_AUDIT_OPTS

Yes

Yes

V$XML_AUDIT_TRAIL

Yes

Yes, but will only have pre-unified audit records. The RLS_INFO column captures audited Oracle VPD predicates.

CREATE AUDIT POLICY, ALTER AUDIT POLICY, and DROP AUDIT POLICY Statements

The statements are available, but the audit policies will not write to the old audit trails. When a policy is enabled, its audit records are written to the unified audit trail.

Yes, but writes the audit record to the unified audit trail only

AUDIT and NOAUDIT Statements

-

-

AUDIT

Yes

Yes, but enhanced to enable audit policies; create application context audit settings; create audit records on success, failure, or both; and use in a multitenant environment

NOAUDIT

Yes

Yes, but changed to disable audit policies, disable application context audit settings

DBMS_FGA.ADD_POLICY Procedure Parameters

-

-

audit_trail

Yes, and is used as in previous releases

Yes, but when unified auditing is enabled, you can omit this parameter because all records will be written to the unified audit trail.

DBMS_AUDIT_MGMT Package AUDIT_TRAIL_TYPE Property Options

-

-

DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD

Yes

Yes, but only pre-unified audit records

DBMS_AUDIT_MGMT.AUDIT_TRAIL_FGA_STD

Yes

Yes, but only pre-unified audit records

DBMS_AUDIT_MGMT.AUDIT_TRAIL_DB_STD

Yes

Yes, but only pre-unified audit records

DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS

Yes

Yes, but only pre-unified audit records

DBMS_AUDIT_MGMT.AUDIT_TRAIL_XML

Yes

Yes, but only pre-unified audit records

DBMS_AUDIT_MGMT.AUDIT_TRAIL_FILES

Yes

Yes, but only pre-unified audit records

DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL

Yes

Yes, but only pre-unified audit records

Oracle Database Vault Features

-

-

DVSYS.AUDIT_TRAIL$ system table

Yes

Is renamed to DVSYS.OLD_AUDIT_TRAIL$ and retains the old audit records. The previous DVSYS.AUDIT_TRAIL$ table is made into a view named DVSYS.AUDIT_TRAIL$. No new audit records are added.

Oracle Label Security Features

-

-

SA_AUDIT_ADMIN PL/SQL package

Yes

No

Footnote 1

These data dictionary views will continue to show audit data from audit records that are still in the SYS.AUD$ and SYS.FGA_LOG$ system tables. Unified audit trail records are shown only in the unified audit trail-specific views. You must be granted the AUDIT_ADMIN or AUDIT_VIEWER role to query any views that are not prefaced with USER_.