Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

"audit create session by session" vs. "audit create session by access"?

When I enabling auditing for create session by the following way:

audit create session by session;

Then I am querying the following:

select * from dba_priv_audit_opts;

The result is:

USERNAME | PROXY_NAME | AUDIT_OPTION   | SUCCESS   | FAILURE  |
...............................................................
 -       | -          | CREATE SESSION | BY ACCESS | BY ACCESS|

But, when I enabling auditing for create session by the following way:

 audit create session by access;

Then I am querying the following:

select * from dba_priv_audit_opts;

The result is the same:

USERNAME | PROXY_NAME | AUDIT_OPTION   | SUCCESS   | FAILURE  |
...............................................................
 -       | -          | CREATE SESSION | BY ACCESS | BY ACCESS|

Why? Do you have any idea?

like image 656
kupa Avatar asked Feb 09 '11 08:02

kupa


1 Answers

11gR2 and above:

BY SESSION is effectively disabled and all auditing is done per access.

11gR1 and below:

The difference between BY SESSION and BY ACCESS is that when you specify BY SESSION Oracle will try to merge multiple audit entries into one record when the session and the action audited match.

It only works for SQL statements other than DDL though, From the above link:

If you specify statement options or system privileges that audit data definition language (DDL) statements, then the database automatically audits by access regardless of whether you specify the BY SESSION clause or BY ACCESS clause.

Since CREATE SESSION is a DDL statement Oracle audits this statement by access.

like image 193
Vincent Malgrat Avatar answered Nov 09 '22 04:11

Vincent Malgrat