Oracle provides the ability to audit your database activities on a multitude of level, providing the administrator the ability to find suspicious activity on the database. However, this audit trail can consume huge amounts of disk space and it is necessary to remove this information once it has become obsolete. This article covers the removal of all audit records within an Oracle RDBMS and will work regardless of OS type.
NOTE: This article covers the removal of audit records from the Oracle database, the initialization parameter of AUDIT_TRAIL must be set to DB in order for this procedure to work correctly.
1. Logon to your Oracle database server as the Oracle software owner.
2. Logon to your Oracle database as sysdba.
mylinux:> sqlplus ‘/ as sysdba’
SQL*Plus: Release 10.2.0.4.0 – Production on Sun May 09 13:11:07 2010
Copyright (c) 1982, 2007, Oracle. All Rights Reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
3. Select from one of the audit tables to see how much audit data has been collected.
SQL> select count(*) from dba_audit_session;
COUNT(*)
———-
1364166
SQL>
4. As SYSDBA delete all audit trail records with the command: delete from sys.aud$;
SQL> DELETE FROM SYS.AUD$;
1364166 rows deleted.
SQL> commit;
Commit complete.
SQL>
5. Now perform a select from dba_audit_session view.
SQL> select count(*) from dba_audit_session;
COUNT(*)
———-
0
SQL>
This completes the removal of old audit records from within the Oracle database.
Larry J. Catt, OCP 9i, 10g
oracle@allcompute.com
www.allcompute.com