Re: Oracle Auditing by User

From: BicycleRepairman <engel.kevin_at_gmail.com>
Date: Sat, 23 Apr 2011 10:20:34 -0700 (PDT)
Message-ID: <8f91d683-0f2f-4294-ae02-4b49a7a742f6_at_u15g2000vby.googlegroups.com>



On Apr 22, 9:36 pm, indytoatl <indyto..._at_gmail.com> wrote:
> I am trying to audit select statements on a column for everyone except
> JohnDoe who works in the HR dept. How do I create the correct
> audit_condition??
>
> BEGIN
>     DBMS_FGA.ADD_POLICY(
>          object_schema => 'HR'
>         ,object_name => 'EMPLOYEES'
>         ,policy_name => 'PAYROLL_INFO'
>         ,audit_condition => 'DBUser NOT = 'JohnDoe'
>         ,audit_column => 'SALARY'
>         ,handler_schema => NULL
>         ,handler_module => NULL
>         ,enable => TRUE
>         ,statement_types => 'SELECT'
>         ,audit_trail => DBMS_FGA.DB_EXTENDED
>         ,audit_column_opts => DBMS_FGA.ANY_COLUMNS
>     );
> END;
> /

,audit_condition => 'sys_context(''userenv'',''session_user'') != ''JOHNDOE''' should get you what you want (or substitute any of the other identifiers in the sys_context if needed). Received on Sat Apr 23 2011 - 12:20:34 CDT

Original text of this message