About Audit Records
Audit records include information about the operation that was audited, the user who performed the operation, and the date and time of the operation. Depending on the type of auditing you choose, you can write audit records to data dictionary tables, called the database audit trail, or in operating system files, called the operating system audit trail.
If you choose to write audit records to the database audit trail, Oracle Database writes the audit records to the SYS.AUD$
table for default and standard auditing, and to the SYS.FGA_LOG$
table for fine-grained auditing. Both of these tables reside in the SYSTEM
tablespace and are owned by the SYS
schema. You can check the contents of these tables by querying the following data dictionary views:
-
DBA_AUDIT_TRAIL
for theSYS.AUD$
contents -
DBA_FGA_AUDIT_TRAIL
for theSYS.FGA_LOG$
contents -
DBA_COMMON_AUDIT_TRAIL
for bothSYS.AUD$
andSYS.FGA_LOG$
contents
"Finding Information About Audited Activities" describes more data dictionary views that you can use to view to contents of the SYS.AUD$
and SYS.FGA_LOG$
tables.
If you choose to write audit records to an operating system file, you can write them to either a text file or to an XML file. You can check the contents of an audit XML file by querying the V$XML_AUDIT_TRAIL
data dictionary view.
本文转自
http://download.oracle.com/docs/cd/B28359_01/network.111/b28531/auditing.htm