Schema Object Auditing
Schema object auditing lets you track access to an object. The object can be any Oracle table, view, sequence, package, function, procedure, snapshot, library, or directory.
Tip
Oracle will audit embedded objects. That is, if you have turned on auditing for a table, and that table is referenced in a view, then accessing the view will generate an audit record for the table.
The specific syntax for schema object auditing is:
AUDITobject_privilege[,object_privilege...] ON [schema.]objectname| DEFAULT [BY SESSION [WHENEVER [NOT] SUCCESSFUL] [BY ACCESS [WHENEVER [NOT] SUCCESSFUL]
Table 7.1 lists the various object privileges and the schema object types to which they can apply. Detailed syntax is provided in Chapter 13.
|
Object Privilege |
Object Type Applicable |
|
ALTER |
Table, sequence, snapshot |
|
AUDIT |
Table, view, sequence, package, procedure, function, snapshot, directory |
|
COMMENT |
Table, view, snapshot |
|
CREATE |
Table, view, snapshot |
|
DELETE |
Table, view, snapshot |
|
EXECUTE |
Package, procedure, function, library |
|
GRANT |
Table, view, sequence, package, procedure, function, snapshot, library, directory |
|
INDEX |
Table, snapshot |
|
INSERT |
Table, view, snapshot |
|
LOCK |
Table, view, snapshot |
|
READ |
Directory |
|
REFERENCES |
Table |
|
RENAME |
Table, view, package, procedure, function, snapshot |
|
SELECT |
Table, view, sequence, snapshot |
|
UPDATE |
Table, view, snapshot |
|
WRITE |
Directory |
You can specify a default level for schema object auditing by using the keyword DEFAULT instead of a schema object name. From that point on, all schema objects created will have that level of auditing turned on. You must have the AUDIT ANY system privilege to specify this level.