RE: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)
Date: Mon, 11 Mar 2013 12:21:06 -0500
Message-ID: <A4B582B1B91D3C4D956D8880535CC098260B0C35_at_MAIL.solutionary.com>
Actually, almost all privilege and statement auditing shows up in both views. (I have no idea why though.) The only auditing initiated by "audit select any table" is auditing the use of the 'SELECT ANY TABLE" system privilege. It does NOT mean that selects are being audited against all tables, even for users without this system privilege.
Don Granaman | Ph: 402-361-3073 | Cell: 402-960-6955 | Solutionary - Relevant | Intelligent | Security
-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Christopher.Taylor2_at_parallon.net
Sent: Monday, March 11, 2013 11:48 AM
To: oracle-l_at_freelists.org
Subject: DBA_STMT_AUDIT_OPTS versus DBA_PRIV_AUDIT_OPTS and SELECT ANY TABLE (Confused)
Env: 10.2.0.4
It's my understanding that DBA_PRIV_AUDIT_OPTS audits the use of database privileges (such as SELECT ANY TABLE) and that DBA_STMT_AUDIT_OPTS audits particular statement types.
If this is true and I see SELECT ANY TABLE listed in BOTH views, does that mean that SELECTS on ANY TABLE are getting audited as it shows up in DBA_STMT_AUDIT_OPTS?
And selects done through the privilege SELECT ANY TABLE are being audited because it shows up in DBA_PRIV_AUDIT_OPTS?
There's a subtle difference in the above - it seems that SELECT ANY TABLE in DBA_STMT_AUDIT_OPTS might be showing that ALL selects are being audited, but I'm not sure that's true because I do *not* have SELECT TABLE being audited yet SELECTS are showing up in my audit logs (using OS db audit trail).
Thoughts?
Chris Taylor
Oracle DBA
Parallon IT&S
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l
Received on Mon Mar 11 2013 - 18:21:06 CET