Our Security department wants to know exactly what a user with the DBA role does during a certain time. The end goal is to propose specific privileges instead of giving the DBA role. I am going to move the AUD$ table
I have several questions :
To make life easier, I would like the info stored in the db. Do I need audit_trail=db,extended ? If I understand correctly when extended is used it writes to the OS.
According to this : http://docs.oracle.com/cd/E11882_01/net ... m#DBSEG371
I don't need BY ACCESS (using 126.96.36.199) - can this be confirmed?
Am I going to capture everything the user with the DBA role does by using the following :
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY DBA_USER;
AUDIT EXECUTE PROCEDURE BY DBA_USER;
audit all privileges by DBA_USER;
audit all by DBA_USER;
If not, what other commands should be used?