Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java

Audit Trail Logs for the Sensitive View

Let's find the audit log entries for this access. HR user does not have access to read the audit logs (if he tries, he will be audited), but if you will connect as secadm and execute the following commands, you will see the audit logs that were generated by HR querying v_employees_public:

EXEC sys.p_check_secadm_access;

SELECT OBJECT_NAME, STATEMENT_TYPE, RETURNCODE FROM DBA_COMMON_AUDIT_TRAIL
        WHERE DB_USER='HR'
        ORDER BY EXTENDED_TIMESTAMP DESC;

While we are still here as secadm, we should try to access the sensitive view and see the audit log entries for this failed attempt (secadm cannot read the sensitive view). You will also see logs of the audit trail SELECT statements executed by ...

Get Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java by David Coffin

Audit Trail Logs for the Sensitive View

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly