Oracle 12c does permit for you to disable unified auditing and use traditional auditing features.   This article covers the steps to disabling unified auditing.

 

1. Logon to oracle database server and logon to sqlplus with sysdba.

 

[oracle@linux2 lib]$ sqlplus / as sysdba

 

SQL*Plus: Release 12.1.0.2.0 Production on Thu Dec 15 10:35:07 2015

 

Copyright (c) 1982, 2014, Oracle.  All rights reserved.

 

 

Connected to:

Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 – 64bit Production

With the Partitioning, OLAP, Advanced Analytics, Real Application Testing

and Unified Auditing options

 

SQL>

 

2. Disable any enabled unified audit policies, preventing database from going into mixed mode auditing. You can use the statement:  select ‘noaudit policy ‘||policy_name||’;’ from audit_unified_enabled_policies;

 

SQL> select ‘noaudit policy ‘||policy_name||’;’ from audit_unified_enabled_policies;

 

‘NOAUDITPOLICY’||POLICY_NAME||’;’

——————————————————————————–

noaudit policy ORA_SECURECONFIG;

noaudit policy ORA_LOGON_FAILURES;

 

SQL> noaudit policy ORA_SECURECONFIG;

 

Noaudit succeeded.

 

SQL>

SQL> noaudit policy ORA_LOGON_FAILURES;

 

Noaudit succeeded.

 

SQL>

 

 

3. Verify that no unified audit policies are now enabled by querying the audit_unified_enabled_policy table.

 

SQL> select count(*) from audit_unified_enabled_policies;

 

  COUNT(*)

———-

         0

 

SQL>

 

4. Shutdown the database with immediate option.

 

SQL> shutdown immediate

Database closed.

Database dismounted.

ORACLE instance shut down.

SQL>

 

5. Exit out of SQLPLUS and shutdown the oracle listener with command: lsnrctl stop

 

SQL> exit

Disconnected from Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 – 64bit Production

With the Partitioning, OLAP, Advanced Analytics, Real Application Testing

and Unified Auditing options

[oracle@linux2 lib]$ lsnrctl stop

 

LSNRCTL for Linux: Version 12.1.0.2.0 – Production on 15-DEC-2015 10:38:36

 

Copyright (c) 1991, 2014, Oracle.  All rights reserved.

 

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.30.15.98)(PORT=1521)))

The command completed successfully

[oracle@linux2 lib]$

 

 

 

6. From the command prompt go to directory $ORACLE_HOME/rdbms/lib and use make to execute ins_rdbms.mk uniaud_off ioracle command

 

cd $ORACLE_HOME/rdbms/lib

make -f ins_rdbms.mk uniaud_off ioracle

 

7. Startup the Oracle listener with command: lsnrctl stop

[oracle@linux2 lib]$ lsnrctl start

 

LSNRCTL for Linux: Version 12.1.0.2.0 – Production on 15-DEC-2015 10:41:06

 

Copyright (c) 1991, 2014, Oracle.  All rights reserved.

 

Starting /opt/app/oracle/product/12.1.0.2/db_1/bin/tnslsnr: please wait…

 

TNSLSNR for Linux: Version 12.1.0.2.0 – Production

System parameter file is /opt/app/oracle/product/12.1.0.2/db_1/network/admin/listener.ora

Log messages written to /opt/app/oracle/diag/tnslsnr/linux2/listener/alert/log.xml

Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.30.15.98)(PORT=1521)))

 

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.30.15.98)(PORT=1521)))

STATUS of the LISTENER

————————

Alias                     LISTENER

Version                   TNSLSNR for Linux: Version 12.1.0.2.0 – Production

Start Date                15-DEC-2015 10:41:06

Uptime                    0 days 0 hr. 0 min. 0 sec

Trace Level               off

Security                  ON: Local OS Authentication

SNMP                      OFF

Listener Parameter File   /opt/app/oracle/product/12.1.0.2/db_1/network/admin/listener.ora

Listener Log File         /opt/app/oracle/diag/tnslsnr/linux2/listener/alert/log.xml

Listening Endpoints Summary…

  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.30.15.98)(PORT=1521)))

Services Summary…

Service “cdb1” has 1 instance(s).

  Instance “cdb1”, status UNKNOWN, has 1 handler(s) for this service…

The command completed successfully

[oracle@linux2 lib]$

 

8. Logon to SQL*PLUS start the database.

 

[oracle@linux2 ~]$ sqlplus / as sysdba

 

SQL*Plus: Release 12.1.0.2.0 Production on Thu Dec 15 10:41:32 2015

 

Copyright (c) 1982, 2014, Oracle.  All rights reserved.

 

Connected to an idle instance.

 

SQL> startup open

ORACLE instance started.

 

Total System Global Area  549453824 bytes

Fixed Size                  2926616 bytes

Variable Size             268437480 bytes

Database Buffers          272629760 bytes

Redo Buffers                5459968 bytes

Database mounted.

Database opened.

SQL>

 

9. Verify that the unified Auditing is off by following statement: select value from v$option where parameter=’Unified Auditing’;

 

SQL> select value from v$option where parameter=’Unified Auditing’;

 

VALUE

—————————————————————-

FALSE

 

SQL>

 

10. This completes disabling the Unified Auditing in Oracle 12c.

 

Larry Catt

OCP