In 12c the Unified Audit Trail consolidates audit information from multiple sources and makes this information available in a standard format in the UNIFIED_AUDIT_TRAIL dictionary view. This article describes enabling the Unified Audit Data Trail.
- Logon to your oracle server as the oracle software owner and logon to sqlplus with sysdba privileges.
- To determine if Unified Auditing is enabled, execute the query: select value from v$option where parameter=’Unified Auditing’;
SQL> select value from v$option where parameter=’Unified Auditing’;
VALUE
—————————————————————-
FALSE
SQL>
- NOTE: that Unified Auditing is not currently enabled.
- Shutdown the database instance with command: shutdown immediate.
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL>
- Exit out of SQLPLUS and shutdown the listener utility with the OS command: lsnrctl stop
SQL> exit
Disconnected
[oracle@linux2 ~]$ lsnrctl stop
LSNRCTL for Linux: Version 12.1.0.2.0 – Production on 15-APR-2016 10:13:21
Copyright (c) 1991, 2014, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.30.1.101)(PORT=1521)))
The command completed successfully
[oracle@linux2 ~]$
- Change directory to $ORACLE_HOME/rdbms/lib and execute the make command to relink oracle with ‘uniaud_on’ option.
cd $ORACLE_HOME/rdbms/lib
make -f ins_rdbms.mk uniaud_on ioracle
- Restart Oracle listener with command: lsnrctl start
[oracle@linux2 lib]$ lsnrctl start
LSNRCTL for Linux: Version 12.1.0.2.0 – Production on 15-APR-2016 10:17:53
Copyright (c) 1991, 2014, Oracle. All rights reserved.
Starting /opt/app/oracle/product/12.1.0.2/db_1/bin/tnslsnr: please wait…
TNSLSNR for Linux: Version 12.1.0.2.0 – Production
System parameter file is /opt/app/oracle/product/12.1.0.2/db_1/network/admin/listener.ora
Log messages written to /opt/app/oracle/diag/tnslsnr/linux2/listener/alert/log.xml
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.30.1.101)(PORT=1521)))
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.30.1.101)(PORT=1521)))
STATUS of the LISTENER
————————
Alias LISTENER
Version TNSLSNR for Linux: Version 12.1.0.2.0 – Production
Start Date 15-APR-2016 10:17:53
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/app/oracle/product/12.1.0.2/db_1/network/admin/listener.ora
Listener Log File /opt/app/oracle/diag/tnslsnr/linux2/listener/alert/log.xml
Listening Endpoints Summary…
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.30.1.101)(PORT=1521)))
Services Summary…
Service “cdb1” has 1 instance(s).
Instance “cdb1”, status UNKNOWN, has 1 handler(s) for this service…
The command completed successfully
[oracle@linux2 lib]$
- Logon to Oracle SQLPLUS with sysdba privileges and startup the database with command: startup.
[oracle@linux2 lib]$ sqlplus / as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Thu APR 15 10:18:25 2016
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Connected to an idle instance.
SQL> startup
ORACLE instance started.
Total System Global Area 549453824 bytes
Fixed Size 2926616 bytes
Variable Size 268437480 bytes
Database Buffers 272629760 bytes
Redo Buffers 5459968 bytes
Database mounted.
Database opened.
SQL>
- Check the status of Unified Auditing with command: select value from v$option where parameter=’Unified Auditing’;
SQL> select value from v$option where parameter=’Unified Auditing’;
VALUE
—————————————————————-
TRUE
SQL>
- This completes the enablement of Unified Audit Data in 12c
Larry Catt
OCP