Table: DBA_AUDIT_TRAIL
All audit trail entries
Column Name | Description |
---|---|
ACTION | Numeric action type code. The corresponding name of the action type (CREATE TABLE, INSERT, etc.) is in the column ACTION_NAME |
ACTION_NAME | Name of the action type corresponding to the numeric code in ACTION |
ADMIN_OPTION | If role/sys_priv was granted WITH ADMIN OPTON, A/- |
AUDIT_OPTION | Auditing option set with the audit statement |
CLIENT_ID | Client identifier in each Oracle session |
COMMENT_TEXT | Text comment on the audit trail entry. Also indicates how the user was authenticated. The method can be one of the following: 1. "DATABASE" - authentication was done by password. 2. "NETWORK" - authentication was done by Net8 or the Advanced Networking Option. 3. "PROXY" - the client was authenticated by another user. The name of the proxy user follows the method type. |
ENTRYID | Numeric ID for each audit trail entry in the session |
GRANTEE | The name of the grantee specified in a GRANT/REVOKE statement |
LOGOFF_DLOCK | Deadlocks detected during the session |
LOGOFF_LREAD | Logical reads for the session |
LOGOFF_LWRITE | Logical writes for the session |
LOGOFF_PREAD | Physical reads for the session |
LOGOFF_TIME | Timestamp for user logoff |
NEW_NAME | New name of object after RENAME, or name of underlying object (e.g. CREATE INDEX owner.obj_name ON new_owner.new_name) |
NEW_OWNER | The owner of the object named in the NEW_NAME column |
OBJ_NAME | Name of the object affected by the action |
OBJ_PRIVILEGE | Object privileges granted/revoked by a GRANT/REVOKE statement |
OS_USERNAME | Operating System logon user name of the user whose actions were audited |
OWNER | Creator of object affected by the action |
PRIV_USED | System privilege used to execute the action |
RETURNCODE | Oracle error code generated by the action. Zero if the action succeeded |
SESSIONID | Numeric ID for each Oracle session |
SESSION_CPU | Amount cpu time used by each oracel session |
SES_ACTIONS | Session summary. A string of 11 characters, one for each action type, in thisorder: Alter, Audit, Comment, Delete, Grant, Index, Insert, Lock, Rename, Select, Update. Values: "-" = None, "S" = Success, "F" = Failure, "B" = Both |
STATEMENTID | Numeric ID for each statement run (a statement may cause many actions) |
SYS_PRIVILEGE | System privileges granted/revoked by a GRANT/REVOKE statement |
TERMINAL | Identifier for the user's terminal |
TIMESTAMP | Timestamp for the creation of the audit trail entry (Timestamp for the user's logon for entries created by AUDIT SESSION) |
USERHOST | Numeric instance ID for the Oracle instance from which the user is accessing the database. Used only in environments with distributed file systems and shared database files (e.g., clustered Oracle on DEC VAX/VMS clusters) |
USERNAME | Name (not ID number) of the user whose actions were audited |