Skip to Main Content
  • Questions

  • Add tables automatically to audit policy

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, Michael.

Asked: September 02, 2022 - 4:30 pm UTC

Last updated: September 06, 2022 - 5:45 am UTC

Version: Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production

Viewed 1000+ times

You Asked

Hi Tom,

Is there a way to automatically add tables a user creates to an audit policy?
I'm thinking a trigger could do this, but can we do it without giving the user the AUDIT_ADMIN role?

What I am really after is a way to audit any action against a schema.

create audit policy audit_schema_names_objects
  actions all on schema_name.*
  only toplevel;

and Connor said...

Yeah I think the best you can do it do some DDL triggering to capture this, eg

create or replace 
trigger tweak_auditing
after create on database
begin
  --
  -- lots of flexibility here in choosing what you want to log
  -- and when etc etc.
  --
  if ora_dict_obj_type = 'TABLE' 
    and  ora_dict_obj_owner in ('....')
    and  dbms_utility.format_call_stack not like '%NIGHTLY%'  -- not the nightly maint jobs
    and  nvl(sys_context('USERENV','MODULE'),'x') != 'DBMS_SCHEDULER'  -- not jobs
    and  ... (whatever you want)
  then
    --
    -- tweak the audit policy
    --
    execute immediate
      'alter audit policy my_policy add actions all on '||ora_dict_obj_owner||'.'||ora_dict_obj_name;
  end if;
end;
/

Rating

  (1 rating)

Is this answer out of date? If it is, please let us know via a Comment
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's latest video and Chris's latest video from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

PL/SQL demos

Check out more PL/SQL tutorials on our LiveSQL tool.

PL/SQL docs

PL/SQL reference manual from the Oracle documentation library