Re: Fine Grained Auditing - Quick Question
In article <40b1800a$0$31680$afc38c87_at_news.optusnet.com.au>, Howard J. Rogers <hjr_at_dizwell.com> writes
>Just a quick question (and I have read the doco but can't find an answer),
>but is there any way to clear the FGA audit trail *apart* from doing a
>delete from dba_fga_audit_trail??
Hi Howard,
The FGA audit trail is stored in SYS.FGA_LOG$ and delete on this table is allowed in the DELETE_CATALOG_ROLE like it is for SYS.AUD$. The privilege can be seen:-
who_can_access: Release 1.0.0.0.0 - Production on Mon May 24 22:03:34 2004
Copyright (c) 2004 PeteFinnigan.com Limited. All rights reserved.

NAME OF OBJECT TO CHECK       [USER_OBJECTS]: fga_log$
OWNER OF THE OBJECT TO CHECK          [USER]: sys
OUTPUT METHOD Screen/File                [S]:
FILE NAME FOR OUTPUT              [priv.lst]:
OUTPUT DIRECTORY [DIRECTORY or file (/tmp)]:

Checking object => SYS.FGA_LOG$

Object type is => TABLE (TAB)

    Privilege => DELETE is granted to =>
    Role => DELETE_CATALOG_ROLE (ADM = NO) which is granted to =>
        Role => DBA (ADM = YES) which is granted to =>
            User => SYS (ADM = YES)
            User => WKSYS (ADM = NO)
            User => CTXSYS (ADM = NO)
            User => SYSTEM (ADM = YES)
        User => SYS (ADM = YES)

PL/SQL procedure successfully completed.

For updates please visit http://www.petefinnigan.com/tools.htm
SQL>

This is on 9iR2. There are no delete privileges granted by default on DBA_FGA_AUDIT_TRAIL, just select privilege to a lot of users and roles. If you want to clear the trail then use delete and grant DELETE_CATALOG_ROLE to the user who needs to do it. Truncate should be quicker though if you just want to empty the trail.
hth
kind regards
Pete
--
Pete Finnigan
email:pete_at_petefinnigan.com
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.

Received on Mon May 24 2004 - 16:29:21 CDT
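The privilege chain reported in the post above can also be read straight from the data dictionary, which is useful when reviewing who is able to remove FGA audit records. This is an added example, not part of the original post and not the who_can_access tool's own code; it assumes a session that can select from DBA_TAB_PRIVS and DBA_ROLE_PRIVS.

```sql
-- Added example: list everyone who can DELETE from SYS.FGA_LOG$,
-- either directly or through a chain of role grants.

-- 1. Direct grantees (users or roles) of DELETE on the FGA audit table.
SELECT grantee,
       privilege,
       grantable
FROM   dba_tab_privs
WHERE  owner      = 'SYS'
AND    table_name = 'FGA_LOG$'
AND    privilege  = 'DELETE'
ORDER  BY grantee;

-- 2. Walk the role hierarchy downward from each direct grantee.
--    A child row is any grantee that has been given the parent role,
--    so the indentation mirrors "which is granted to =>" in the report.
SELECT LPAD(' ', 4 * (LEVEL - 1)) || grantee AS grantee,
       granted_role,
       admin_option
FROM   dba_role_privs
START  WITH granted_role IN (
           SELECT grantee
           FROM   dba_tab_privs
           WHERE  owner      = 'SYS'
           AND    table_name = 'FGA_LOG$'
           AND    privilege  = 'DELETE')
CONNECT BY PRIOR grantee = granted_role;

-- 3. Confirm that the view itself carries no DELETE grant,
--    only SELECT, as described in the post.
SELECT grantee,
       privilege
FROM   dba_tab_privs
WHERE  owner      = 'SYS'
AND    table_name = 'DBA_FGA_AUDIT_TRAIL'
ORDER  BY privilege, grantee;
```

Any grantee returned by the first two queries that is not an expected administrative account is worth reviewing, since that account can remove rows from the FGA trail.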