Skip Headers
Oracle® Audit Vault Administrator's Guide
Release 10.2.3

Part Number E11059-03
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

G DBMS_AUDIT_MGMT PL/SQL Package

DBMS_AUDIT_MGMT provides subprograms to manage audit trail records. These subprograms enable audit administrators to manage the various audit trail types like database audit trails, operating system (OS) audit trails, and XML audit trails.

See Also:

Oracle Database Security Guide regarding use of the DBMS_AUDIT_MGMT package to manage audit trails

This chapter contains the following topics:


Using DBMS_AUDIT_MGMT

This section contains topics which relate to using the DBMS_AUDIT_MGMT package. The following topics are included:


Overview

Database auditing helps meet your database security and compliance requirements. Audit records are written to database tables, operating system (OS) files, or XML files depending on the AUDIT_TRAIL initialization parameter setting.

When AUDIT_TRAIL is set to DB, database records are written to the AUD$ and FGA_LOG$ tables in the SYSTEM tablespace. When AUDIT_TRAIL is set to OS, audit records are written to operating system files. When AUDIT_TRAIL is set to XML, audit records are written to operating system files in XML format.

See Also:

Oracle Database Security Guide for more background information on database auditing

It is important to manage your audit records properly in order to ensure efficient auditing and clean up.The DBMS_AUDIT_MGMT subprograms enable you to efficiently manage your audit trail records.

The DBMS_AUDIT_MGMT package provides a subprogram that allows you to move the database audit trail tables out of the SYSTEM tablespace. This improves overall database performance. It also allows you to dedicate an optimized tablespace for audit records.

The DBMS_AUDIT_MGMT subprograms also enable you to manage your operating system and XML audit records. You can define properties like the maximum size and age of an audit file. New audit files are automatically created once the maximum limits are reached.

The DBMS_AUDIT_MGMT subprograms enable you to perform cleanup operations on all audit trail types. Audit trail records can be deleted based on their last archive timestamp. The last archive timestamp indicates when the audit records were last archived.

The DBMS_AUDIT_MGMT package provides a subprogram that enables audit administrators to set the last archive timestamp for archived audit records. This subprogram can also be used by external archival systems to set the last archive timestamp.

The DBMS_AUDIT_MGMT subprograms also enable you to configure jobs that periodically delete audit trail records. The frequency with which these jobs should run can be controlled by the audit administrator.


Security Model

All DBMS_AUDIT_MGMT subprograms require the user to have EXECUTE privilege over the DBMS_AUDIT_MGMT package. The SYSDBA role has EXECUTE privileges on the package by default.

Only audit administrators should have EXECUTE privileges over the DBMS_AUDIT_MGMT package.


Constants

The DBMS_AUDIT_MGMT package defines several enumerated constants that should be used for specifying parameter values. Enumerated constants must be prefixed with the package name, for example, DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD.

The DBMS_AUDIT_MGMT package uses the constants shown in the following tables:

Audit trails can be classified based on whether audit records are written to database tables, operating system files, or XML files. Table G-1 lists the audit trail type constants.

Table G-1 DBMS_AUDIT_MGMT Constants - Audit Trail Types

Constant Type Value Description

AUDIT_TRAIL_ALL

PLS_INTEGER

15

All audit trail types. This includes the standard database audit trail (SYS.AUD$ and SYS.FGA_LOG$ tables), operating system (OS) audit trail, and XML audit trail.

AUDIT_TRAIL_AUD_STD

PLS_INTEGER

1

Standard database audit records in the SYS.AUD$ table

AUDIT_TRAIL_DB_STD

PLS_INTEGER

3

Both standard audit (SYS.AUD$) and FGA audit(SYS.FGA_LOG$) records

AUDIT_TRAIL_FGA_STD

PLS_INTEGER

2

Standard database fine-grained auditing (FGA) records in the SYS.FGA_LOG$ table

AUDIT_TRAIL_FILES

PLS_INTEGER

12

Both operating system (OS) and XML audit trails

AUDIT_TRAIL_OS

PLS_INTEGER

4

Operating system audit trail. This refers to the audit records stored in operating system files.

AUDIT_TRAIL_XML

PLS_INTEGER

8

XML audit trail. This refers to the audit records stored in XML files.


Audit trail properties determine the audit configuration settings. Table G-2 lists the constants related to audit trail properties.

Table G-2 DBMS_AUDIT_MGMT Constants - Audit Trail Properties

Constant Type Value Description

CLEAN_UP_INTERVAL

PLS_INTEGER

21

Interval, in hours, after which the cleanup job is called to clear audit records in the specified audit trail

DB_DELETE_BATCH_SIZE

PLS_INTEGER

23

Specifies the batch size to be used for deleting audit records in database audit tables. The audit records are deleted in batches of size equal to DB_DELETE_BATCH_SIZE.

OS_FILE_MAX_AGE

PLS_INTEGER

17

Specifies the maximum number of days for which an operating system (OS) or XML audit file can be kept open before a new audit file gets created

OS_FILE_MAX_SIZE

PLS_INTEGER

16

Specifies the maximum size to which an operating system (OS) or XML audit file can grow before a new file is opened


The audit trail purge job cleans the audit trail. Table G-3 lists the constants related to purge job status values.

Table G-3 DBMS_AUDIT_MGMT Constants - Purge Job Status

Constant Type Value Description

PURGE_JOB_DISABLE

PLS_INTEGER

32

Disables a purge job

PURGE_JOB_ENABLE

PLS_INTEGER

31

Enables a purge job


The DBMS_AUDIT_MGMT package allows you to trace operations for diagnostic purposes. Table G-4 lists the constants related to trace level values.

Table G-4 DBMS_AUDIT_MGMT Constants - Trace Level Values

Constant Type Value Description

TRACE_LEVEL_DEBUG

PLS_INTEGER

1

Logs detailed debug messages

TRACE_LEVEL_ERROR

PLS_INTEGER

2

Logs only error messages



Views

The DBMS_AUDIT_MGMT package uses the views shown in Table G-5.

Table G-5 Views used by DBMS_AUDIT_MGMT

View Description

DBA_AUDIT_MGMT_CLEAN_EVENTS

Displays the cleanup event history

DBA_AUDIT_MGMT_CLEANUP_JOBS

Displays the currently configured audit trail purge jobs

DBA_AUDIT_MGMT_CONFIG_PARAMS

Displays the currently configured audit trail properties

DBA_AUDIT_MGMT_LAST_ARCH_TS

Displays the last archive timestamps set for the audit trails



Subprogram Groups

The DBMS_AUDIT_MGMT package subprograms can be grouped into the following categories:


Audit Trail Management Subprograms

Audit trail management subprograms enable you to manage audit trail properties.

Table G-6 Audit Trail Management Subprograms

Subprogram Description

CLEAR_AUDIT_TRAIL_PROPERTY Procedure

Clears the value for the audit trail property that you specify

SET_AUDIT_TRAIL_LOCATION Procedure

Moves the audit trail tables from their current tablespace to a user-specified tablespace

SET_AUDIT_TRAIL_PROPERTY Procedure

Sets the audit trail properties for the audit trail type that you specify

SET_DEBUG_LEVEL Procedure

Sets the trace level for the DBMS_AUDIT_MGMT package


The Summary of DBMS_AUDIT_MGMT Subprograms contains a complete listing of all subprograms in the package.


Audit Trail Cleanup Subprograms

Audit trail cleanup subprograms help you perform cleanup related operations on the audit trail records.

Table G-7 Audit Trail Cleanup Subprograms

Subprogram Description

CLEAN_AUDIT_TRAIL Procedure

Deletes audit trail records that have been archived

CLEAR_LAST_ARCHIVE_TIMESTAMP Procedure

Clears the timestamp set by the SET_LAST_ARCHIVE_TIMESTAMP Procedure

CREATE_PURGE_JOB Procedure

Creates a purge job for periodically deleting the audit trail records

DEINIT_CLEANUP Procedure

Undoes the setup and initialization performed by the INIT_CLEANUP Procedure

DROP_PURGE_JOB Procedure

Drops the purge job created using the CREATE_PURGE_JOB Procedure

GET_AUDIT_COMMIT_DELAY Function

Returns the Audit COMMIT Delay as the number of seconds. This is the maximum time that it takes to COMMIT an audit record to the database audit trail.

INIT_CLEANUP Procedure

Sets up the audit management infrastructure and sets a default cleanup interval for audit trail records

IS_CLEANUP_INITIALIZED Function

Checks to see if the INIT_CLEANUP Procedure has been run for an audit trail type

SET_LAST_ARCHIVE_TIMESTAMP Procedure

Sets a timestamp indicating when the audit records were last archived

SET_PURGE_JOB_INTERVAL Procedure

Sets the interval at which the CLEAN_AUDIT_TRAIL Procedure is called for the purge job that you specify

SET_PURGE_JOB_STATUS Procedure

Enables or disables the purge job that you specify


The Summary of DBMS_AUDIT_MGMT Subprograms contains a complete listing of all subprograms in the package.


Summary of DBMS_AUDIT_MGMT Subprograms

Table G-8 DBMS_AUDIT_MGMT Package Subprograms

Subprogram Description

CLEAN_AUDIT_TRAIL Procedure

Deletes audit trail records that have been archived

CLEAR_AUDIT_TRAIL_PROPERTY Procedure

Clears the value for the audit trail property that you specify

CLEAR_LAST_ARCHIVE_TIMESTAMP Procedure

Clears the timestamp set by the SET_LAST_ARCHIVE_TIMESTAMP Procedure

CREATE_PURGE_JOB Procedure

Creates a purge job for periodically deleting the audit trail records

DEINIT_CLEANUP Procedure

Undoes the setup and initialization performed by the INIT_CLEANUP Procedure

DROP_PURGE_JOB Procedure

Drops the purge job created using the CREATE_PURGE_JOB Procedure

GET_AUDIT_COMMIT_DELAY Function

Returns the Audit COMMIT Delay as the number of seconds. This is the maximum time that it takes to COMMIT an audit record to the database audit trail.

INIT_CLEANUP Procedure

Sets up the audit management infrastructure and sets a default cleanup interval for audit trail records

IS_CLEANUP_INITIALIZED Function

Checks to see if the INIT_CLEANUP Procedure has been run for an audit trail type

SET_AUDIT_TRAIL_LOCATION Procedure

Moves the audit trail tables from their current tablespace to a user-specified tablespace

SET_AUDIT_TRAIL_PROPERTY Procedure

Sets the audit trail properties for the audit trail type that you specify

SET_DEBUG_LEVEL Procedure

Sets the trace level for the DBMS_AUDIT_MGMT package

SET_LAST_ARCHIVE_TIMESTAMP Procedure

Sets a timestamp indicating when the audit records were last archived

SET_PURGE_JOB_INTERVAL Procedure

Sets the interval at which the CLEAN_AUDIT_TRAIL Procedure is called for the purge job that you specify

SET_PURGE_JOB_STATUS Procedure

Enables or disables the purge job that you specify



CLEAN_AUDIT_TRAIL Procedure

This procedure deletes audit trail records that have been archived.

The CLEAN_AUDIT_TRAIL procedure is usually called after the SET_LAST_ARCHIVE_TIMESTAMP Procedure has been used to set the last archived timestamp for the audit records.

Syntax

DBMS_AUDIT_MGMT.CLEAN_AUDIT_TRAIL(
   audit_trail_type         IN PLS_INTEGER,
   use_last_arch_timestamp  IN BOOLEAN DEFAULT TRUE) ;

Parameters

Table G-9 CLEAN_AUDIT_TRAIL Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the cleanup operation needs to be performed. Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" .

use_last_arch_timestamp

Specifies whether the last archived timestamp should be used for deciding on the records that should be deleted.

A value of TRUE indicates that only audit records created before the last archive timestamp should be deleted.

A value of FALSE indicates that all audit records should be deleted.

The default value is TRUE.


Examples

The following example calls the CLEAN_AUDIT_TRAIL procedure to clean up the operating system (OS) audit trail records that were created before the last archive timestamp.

BEGIN
DBMS_AUDIT_MGMT.CLEAN_AUDIT_TRAIL(
   audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,
   use_last_arch_timestamp => TRUE);
END;
/

CLEAR_AUDIT_TRAIL_PROPERTY Procedure

This procedure clears the value for the audit trail property that is specified. Audit trail properties are set using the SET_AUDIT_TRAIL_PROPERTY Procedure.

The CLEAR_AUDIT_TRAIL_PROPERTY procedure can optionally reset the property value to it's default value through the use_default_values parameter.

Syntax

DBMS_AUDIT_MGMT.CLEAR_AUDIT_TRAIL_PROPERTY(
   audit_trail_type        IN PLS_INTEGER,
   audit_trail_property    IN PLS_INTEGER,
   use_default_values      IN BOOLEAN DEFAULT FALSE) ;

Parameters

Table G-10 CLEAR_AUDIT_TRAIL_PROPERTY Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the property needs to be cleared. Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types"

audit_trail_property

The audit trail property whose value needs to be cleared. You cannot clear the value for the CLEANUP_INTERVAL property.

Audit trail properties are listed in Table G-2, "DBMS_AUDIT_MGMT Constants - Audit Trail Properties"

use_default_values

Specifies whether the default value of the audit_trail_property should be used in place of the cleared value. A value of TRUE causes the default value of the parameter to be used. A value of FALSE causes the audit_trail_property to have no value.

The default value for this parameter is FALSE.


Usage Notes

The following usage notes apply:

Examples

The following example calls the CLEAR_AUDIT_TRAIL_PROPERTY procedure to clear the value for the audit trail property, OS_FILE_MAX_SIZE. The procedure uses a value of FALSE for the USE_DEFAULT_VALUES parameter. This means that the OS_FILE_MAX_SIZE property will no longer determine the size of the operating system (OS) audit files.

BEGIN
DBMS_AUDIT_MGMT.CLEAR_AUDIT_TRAIL_PROPERTY(
   AUDIT_TRAIL_TYPE        =>  DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,
   AUDIT_TRAIL_PROPERTY    =>  DBMS_AUDIT_MGMT.OS_FILE_MAX_SIZE,
   USE_DEFAULT_VALUES      =>  FALSE );
END;
/

CLEAR_LAST_ARCHIVE_TIMESTAMP Procedure

This procedure clears the timestamp set by the SET_LAST_ARCHIVE_TIMESTAMP Procedure.

Syntax

DBMS_AUDIT_MGMT.CLEAR_LAST_ARCHIVE_TIMESTAMP(
   audit_trail_type     IN PLS_INTEGER,
   rac_instance_number  IN PLS_INTEGER DEFAULT 0) ;

Parameters

Table G-11 CLEAR_LAST_ARCHIVE_TIMESTAMP Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the timestamp needs to be cleared. Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" .

rac_instance_number

The instance number for the Oracle Real Application Clusters (RAC) instance. The default value is 0, which is used for the database audit trail type.

The rac_instance_number is not relevant for the database audit trail type, as the database audit trail tables are shared by all RAC instances.


Examples

The following example calls the CLEAR_LAST_ARCHIVE_TIMESTAMP procedure to clear the timestamp value for the operating system (OS) audit trail type.

BEGIN
DBMS_AUDIT_MGMT.CLEAR_LAST_ARCHIVE_TIMESTAMP(
   audit_trail_type     =>  DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,
   rac_instance_number  =>  1 /* single instance database */);
END;
/

CREATE_PURGE_JOB Procedure

This procedure creates a purge job for periodically deleting the audit trail records. The procedure can use the timestamp value set by the SET_LAST_ARCHIVE_TIMESTAMP Procedure to decide upon the records to be deleted.

This procedure carries out the cleanup operation at intervals specified by the user. It calls the CLEAN_AUDIT_TRAIL Procedure to perform the cleanup operation.

The SET_PURGE_JOB_INTERVAL Procedure is used to modify the frequency of the purge job.

The SET_PURGE_JOB_STATUS Procedure is used to enable or disable the purge job.

The DROP_PURGE_JOB Procedure is used to drop a purge job created with the CREATE_PURGE_JOB procedure.

Syntax

DBMS_AUDIT_MGMT.CREATE_PURGE_JOB(
   audit_trail_type            IN PLS_INTEGER,
   audit_trail_purge_interval  IN PLS_INTEGER,
   audit_trail_purge_name      IN VARCHAR2,
   use_last_arch_timestamp     IN BOOLEAN DEFAULT TRUE) ;

Parameters

Table G-12 CREATE_PURGE_JOB Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the purge job needs to be created. Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" .

audit_trail_purge_interval

The interval, in hours, at which the clean up procedure is called. A lower value means that the cleanup is performed more often.

audit_trail_purge_name

A name to identify the purge job.

use_last_arch_timestamp

Specifies whether the last archived timestamp should be used for deciding on the records that should be deleted.

A value of TRUE indicates that only audit records created before the last archive timestamp should be deleted.

A value of FALSE indicates that all audit records should be deleted.

The default value is TRUE.


Usage Notes

Use this procedure to schedule the CLEAN_AUDIT_TRAIL Procedure for your audit records.

Examples

The following example calls the CREATE_PURGE_JOB procedure to create a cleanup job called CLEANUP, for all audit trail types. It sets the audit_trail_purge_interval parameter to 100. This means that the cleanup job is invoked every 100 hours. It also sets the use_last_arch_timestamp parameter value to TRUE. This means that all audit records older than the last archive timestamp are deleted.

BEGIN
DBMS_AUDIT_MGMT.CREATE_PURGE_JOB(
  audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL,
  audit_trail_purge_interval => 100 /* hours */,  
  audit_trail_purge_name => 'CLEANUP',
  use_last_arch_timestamp => TRUE);
END;
/

DEINIT_CLEANUP Procedure

This procedure undoes the setup and initialization performed by the INIT_CLEANUP Procedure. The DEINIT_CLEANUP procedure clears the value of the default_cleanup_interval parameter. However, it does not move the audit trail tables back to their original location.

Syntax

DBMS_AUDIT_MGMT.DEINIT_CLEANUP(
   audit_trail_type  IN PLS_INTEGER) ;

Parameters

Table G-13 DEINIT_CLEANUP Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the procedure needs to be called.

Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types"


Usage Notes

You can change the default_cleanup_interval later using the SET_AUDIT_TRAIL_PROPERTY Procedure.

Examples

The following example clears the default_cleanup_interval parameter setting for the standard database audit trail:

BEGIN
DBMS_AUDIT_MGMT.DEINIT_CLEANUP(
  AUDIT_TRAIL_TYPE  => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD);
END;
/

DROP_PURGE_JOB Procedure

This procedure drops the purge job created using the CREATE_PURGE_JOB Procedure. The name of the purge job is passed as an argument.

Syntax

DBMS_AUDIT_MGMT.DROP_PURGE_JOB(
   audit_trail_purge_name    IN VARCHAR2) ;

Parameters

Table G-14 DROP_PURGE_JOB Procedure Parameters

Parameter Description

audit_trail_purge_name

The name of the purge job which is being deleted. This is the purge job name that you specified with the CREATE_PURGE_JOB Procedure.


Examples

The following example calls the DROP_PURGE_JOB procedure to drop the purge job called CLEANUP.

BEGIN
DBMS_AUDIT_MGMT.DROP_PURGE_JOB(
  AUDIT_TRAIL_PURGE_NAME  => 'CLEANUP');
END;
/

GET_AUDIT_COMMIT_DELAY Function

This function returns the Audit COMMIT Delay as the number of seconds. Audit COMMIT Delay is the maximum time that it takes to COMMIT an audit record to the database audit trail. If it takes more time to COMMIT an audit record than defined by the Audit COMMIT Delay, then the audit record is written to the operating system (OS) audit trail.

The Audit COMMIT Delay value is useful when determining the last archive timestamp for database audit records.

Syntax

DBMS_AUDIT_MGMT.GET_AUDIT_COMMIT_DELAY
  RETURN NUMBER;

INIT_CLEANUP Procedure

This procedure sets up the audit management infrastructure and a default cleanup interval for the audit trail records. The procedure also moves the audit trail tables out of the SYSTEM tablespace.

Moving the audit trail tables out of the SYSTEM tablespace enhances overall database performance. The INIT_CLEANUP procedure moves the audit trail tables to the SYSAUX tablespace. If the SET_AUDIT_TRAIL_LOCATION Procedure has already moved the audit tables elsewhere, then they are not moved back to the SYSAUX tablespace.

The SET_AUDIT_TRAIL_LOCATION Procedure enables you to specify an alternate target tablespace for the database audit tables.

The INIT_CLEANUP procedure is currently not relevant for the AUDIT_TRAIL_OS, AUDIT_TRAIL_XML, and AUDIT_TRAIL_FILES audit trail types. No preliminary set up is required for these audit trail types.

See Also:

Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" for a list of all audit trail types

This procedure also sets a default cleanup interval for the audit trail records.

Syntax

DBMS_AUDIT_MGMT.INIT_CLEANUP(
   audit_trail_type          IN PLS_INTEGER,
   default_cleanup_interval  IN PLS_INTEGER);

Parameters

Table G-15 INIT_CLEANUP Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the clean up operation needs to be initialized.

Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types"

default_cleanup_interval

The default time interval, in hours, after which the cleanup procedure should be called. The minimum value is 1 and the maximum is 999.


Usage Notes

The following usage notes apply:

Examples

The following example calls the INIT_CLEANUP procedure to set a default_cleanup_interval of 12 hours for all audit trail types:

BEGIN
DBMS_AUDIT_MGMT.INIT_CLEANUP(
              audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL,
      default_cleanup_interval => 12 /* hours */);
END;
/

See Also:

Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" for a list of all audit trail types

IS_CLEANUP_INITIALIZED Function

This function checks to see if the INIT_CLEANUP Procedure has been run for an audit trail type. The IS_CLEANUP_INITIALIZED function returns TRUE if the procedure has already been run for the audit trail type. It returns FALSE if the procedure has not been run for the audit trail type.

This function is currently not relevant for the AUDIT_TRAIL_OS, AUDIT_TRAIL_XML, and AUDIT_TRAIL_FILES audit trail types. The function always returns TRUE for these audit trail types. No preliminary set up is required for these audit trail types.

See Also:

Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" for a list of all audit trail types

Syntax

DBMS_AUDIT_MGMT.DEINIT_CLEANUP(
   audit_trail_type  IN PLS_INTEGER)
 RETURN BOOLEAN;

Parameters

Table G-16 IS_CLEANUP_INITIALIZED Function Parameters

Parameter Description

audit_trail_type

The audit trail type for which the function needs to be called.

Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types"


Examples

The following example checks to see if the standard database audit trail type has been initialized for cleanup operation. If the audit trail type has not been initialized, then it calls the INIT_CLEANUP Procedure to initialize the audit trail type.

BEGIN
 IF 
   NOT DBMS_AUDIT_MGMT.IS_CLEANUP_INITIALIZED(DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD)
 THEN
   DBMS_AUDIT_MGMT.INIT_CLEANUP(
      audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD,
      default_cleanup_interval => 12 /* hours */);
 END IF;
END;
/

SET_AUDIT_TRAIL_LOCATION Procedure

This procedure moves the audit trail tables from their current tablespace to a user-specified tablespace.

The SET_AUDIT_TRAIL_LOCATION procedure is currently not relevant for the AUDIT_TRAIL_OS, AUDIT_TRAIL_XML, and AUDIT_TRAIL_FILES audit trail types. The AUDIT_FILE_DEST initialization parameter can be used to specify the destination directory for these audit trail types.

See Also:

Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" for a list of all audit trail types

Syntax

DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_LOCATION(
   audit_trail_type            IN PLS_INTEGER,
   audit_trail_location_value  IN VARCHAR2) ;

Parameters

Table G-17 SET_AUDIT_TRAIL_LOCATION Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the audit trail location needs to be set.

Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types"

audit_trail_location_value

The target location/tablespace for the audit trail records


Usage Notes

The following usage notes apply:

Examples

The following example moves the database audit trail tables, AUD$ and FGA_LOG$, from the current tablespace to a user-created tablespace called RECORDS:

BEGIN
DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_LOCATION(
       audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_DB_STD,
       audit_trail_location_value =>  'RECORDS');
END;
/

SET_AUDIT_TRAIL_PROPERTY Procedure

This procedure sets the audit trail properties for the audit trail type that is specified.

The procedure sets properties like OS_FILE_MAX_SIZE and OS_FILE_MAX_AGE for operating system (OS) and XML audit trail types. These properties determine the maximum size and age of an audit trail file before a new audit trail file gets created.

The procedure sets properties like DB_DELETE_BATCH_SIZE and CLEANUP_INTERVAL for the database audit trail type. DB_DELETE_BATCH_SIZE specifies the batch size in which records get deleted from audit trail tables. This ensures that if a cleanup operation gets interrupted midway, the process does not need to start afresh the next time it is invoked. This is because all batches before the last processed batch are already deleted.

The CLEANUP_INTERVAL specifies the frequency, in hours, with which the cleanup procedure is called.

Syntax

DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY(
   audit_trail_type            IN PLS_INTEGER,
   audit_trail_property        IN PLS_INTEGER,
   audit_trail_property_value  IN PLS_INTEGER) ;

Parameters

Table G-18 SET_AUDIT_TRAIL_PROPERTY Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the property needs to be set. Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types"

audit_trail_property

The audit trail property that is being set. Audit trail properties are listed in Table G-2, "DBMS_AUDIT_MGMT Constants - Audit Trail Properties"

audit_trail_property_value

The value of the property specified using audit_trail_property. The following are valid values for audit trail properties:

  • OS_FILE_MAX_SIZE can have a minimum value of 1 and maximum value of 2000000. The default value is 10000. OS_FILE_MAX_SIZE is measured in kilobytes (KB).

  • OS_FILE_MAX_AGE can have a minimum value of 1 and a maximum value of 497. The default value is 5. OS_FILE_MAX_AGE is measured in days.

  • DB_DELETE_BATCH_SIZE can have a minimum value of 100 and a maximum value of 1000000. The default value is 10000. DB_DELETE_BATCH_SIZE is measured as the number of audit records that are deleted in one batch.

  • CLEANUP_INTERVAL can have a minimum value of 1 and a maximum value of 999. The default value is set using the INIT_CLEANUP Procedure. CLEANUP_INTERVAL is measured in hours.


Usage Notes

The following usage notes apply:

Examples

The following example calls the SET_AUDIT_TRAIL_PROPERTY procedure to set the OS_FILE_MAX_SIZE property for the operating system (OS) audit trail. It sets this property value to 102400. This means that a new audit file gets created every time the current audit file size reaches 100 MB.

BEGIN
DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY(
       audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,
       audit_trail_property  =>  DBMS_AUDIT_MGMT.OS_FILE_MAX_SIZE,
       audit_trail_property_value =>  102400 /* 100MB*/ );
END;
/

The following example calls the SET_AUDIT_TRAIL_PROPERTY procedure to set the OS_FILE_MAX_AGE property for the operating system (OS) audit trail. It sets this property value to 5. This means that a new audit file gets created every sixth day.

BEGIN
DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY(
       audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,
       audit_trail_property  =>  DBMS_AUDIT_MGMT.OS_FILE_MAX_AGE,
       audit_trail_property_value  =>  5 /* days */);
END;
/

The following example calls the SET_AUDIT_TRAIL_PROPERTY procedure to set the DB_DELETE_BATCH_SIZE property for the AUDIT_TRAIL_AUD_STD audit trail. It sets this property value to 100000. This means that during a cleanup operation, audit records are deleted from the SYS.AUD$ table in batches of size 100000.

BEGIN
DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_PROPERTY(
       audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD,
       audit_trail_property => DBMS_AUDIT_MGMT.DB_DELETE_BATCH_SIZE,
       audit_trail_property_value => 100000 /* delete batch size */);
END;
/

SET_DEBUG_LEVEL Procedure

This procedure sets the trace level for the DBMS_AUDIT_MGMT package. The default trace level, TRACE_LEVEL_ERROR, logs only the error messages as trace messages. The debug trace level, TRACE_LEVEL_DEBUG, logs detailed debug messages.

Syntax

DBMS_AUDIT_MGMT.SET_DEBUG_LEVEL(
   debug_level IN PLS_INTEGER DEFAULT TRACE_LEVEL_ERROR);

Parameters

Table G-19 SET_DEBUG_LEVEL Procedure Parameters

Parameter Description

debug_level

The trace level to set.

TRACE_LEVEL_ERROR logs only the error messages as trace messages. TRACE_LEVEL_DEBUG logs detailed debug messages.


Examples

The following example calls the SET_DEBUG_LEVEL procedure to enable enhanced debugging.

BEGIN
DBMS_AUDIT_MGMT.SET_DEBUG_LEVEL(
  debug_level   => DBMS_AUDIT_MGMT.TRACE_LEVEL_DEBUG);
END;
/

SET_LAST_ARCHIVE_TIMESTAMP Procedure

This procedure sets a timestamp indicating when the audit records were last archived. The audit administrator provides the timestamp to be attached to the audit records. The CLEAN_AUDIT_TRAIL Procedure uses this timestamp to decide on the audit records to be deleted.

Syntax

DBMS_AUDIT_MGMT.SET_LAST_ARCHIVE_TIMESTAMP(
   audit_trail_type     IN PLS_INTEGER,
   last_archive_time    IN TIMESTAMP,
   rac_instance_number  IN PLS_INTEGER DEFAULT 0) ;

Parameters

Table G-20 SET_LAST_ARCHIVE_TIMESTAMP Procedure Parameters

Parameter Description

audit_trail_type

The audit trail type for which the timestamp needs to be set. Audit trail types are listed in Table G-1, "DBMS_AUDIT_MGMT Constants - Audit Trail Types" .

last_archive_time

The TIMESTAMP value to be attached to the audit records. This indicates the last time when the audit records were archived.

rac_instance_number

The instance number for the Oracle Real Application Clusters (RAC) instance.The default value is 0, which is used for the database audit trail type.

The rac_instance_number is not relevant for the database audit trail type, as the database audit trail tables are shared by all RAC instances.


Usage Notes

The following usage notes apply:

Examples

The following example calls the SET_LAST_ARCHIVE_TIMESTAMP procedure to set the last archive timestamp for the operating system (OS) audit trail type. It uses the TO_TIMESTAMP function to convert a character string into a timestamp value.

BEGIN
DBMS_AUDIT_MGMT.SET_LAST_ARCHIVE_TIMESTAMP(
   audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS,
   last_archive_time => TO_TIMESTAMP('10-SEP-0714:10:10.0','DD-MON-RRHH24:MI:SS.FF'),
   rac_instance_number => 1 /* single instance database */);
END;
/

SET_PURGE_JOB_INTERVAL Procedure

This procedure sets the interval at which the CLEAN_AUDIT_TRAIL Procedure is called for the purge job specified. The purge job must have already been created using the CREATE_PURGE_JOB Procedure.

Syntax

DBMS_AUDIT_MGMT.SET_PURGE_JOB_INTERVAL(
   audit_trail_purge_name      IN VARCHAR2,
   audit_trail_interval_value  IN PLS_INTEGER) ;

Parameters

Table G-21 SET_PURGE_JOB_INTERVAL Procedure Parameters

Parameter Description

audit_trail_purge_name

The name of the purge job for which the interval is being set. This is the purge job name that you specified with the CREATE_PURGE_JOB Procedure.

audit_trail_interval_value

The interval, in hours, at which the clean up procedure should be called. This value modifies the audit_trail_purge_interval parameter set using the CREATE_PURGE_JOB Procedure


Usage Notes

Use this procedure to modify the audit_trail_purge_interval parameter set using the CREATE_PURGE_JOB Procedure.

Examples

The following example calls the SET_PURGE_JOB_INTERVAL procedure to change the frequency at which the purge job called CLEANUP is invoked. The new interval is set to 24 hours.

BEGIN
DBMS_AUDIT_MGMT.SET_PURGE_JOB_INTERVAL(
  AUDIT_TRAIL_PURGE_NAME       => 'CLEANUP',
  AUDIT_TRAIL_INTERVAL_VALUE   => 24 );
END;
/

SET_PURGE_JOB_STATUS Procedure

This procedure enables or disables the specified purge job. The purge job must have already been created using the CREATE_PURGE_JOB Procedure.

Syntax

DBMS_AUDIT_MGMT.SET_PURGE_JOB_STATUS(
   audit_trail_purge_name    IN VARCHAR2,
   audit_trail_status_value  IN PLS_INTEGER) ;

Parameters

Table G-22 SET_PURGE_JOB_STATUS Procedure Parameters

Parameter Description

audit_trail_purge_name

The name of the purge job for which the status is being set. This is the purge job name that you specified with the CREATE_PURGE_JOB Procedure.

audit_trail_status_value

One of the values specified in DBMS_AUDIT_MGMT Constants - Purge Job Status.

The value PURGE_JOB_ENABLE enables the specified purge job.

The value PURGE_JOB_DISABLE disables the specified purge job.


Examples

The following example calls the SET_PURGE_JOB_STATUS procedure to enable the CLEANUP purge job.

BEGIN
DBMS_AUDIT_MGMT.SET_PURGE_JOB_STATUS(
  audit_trail_purge_name      => 'CLEANUP',
  audit_trail_status_value    => DBMS_AUDIT_MGMT.PURGE_JOB_ENABLE);
END;
/