Oracle 11.2.0.4
I am new to Oracle and was reading Oracle documentation- Auditing Database Activity. Planning to do some auditing.
Did some testing in my dev environment:
1. Changed audit_trail
SQL> show parameter audit_trail
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_trail string DB, EXTENDED
SQL>
2. Got to page 7-6 and was excited to see undoaud.sql and secconf.sql
I ran noaudit all; , noaudit all privileges; , noaudit exempt access policy;
3. Then I ran just the following to turn audit on:
Audit alter any table by access;
Audit create any table by access;
Audit drop any table by access;
Audit Create any procedure by access;
Audit Drop any procedure by access;
Audit Alter any procedure by access;
Audit Grant any privilege by access;
Audit grant any object privilege by access;
Audit grant any role by access;
Audit create external job by access;
Audit create any job by access;
Audit create any library by access;
Audit create public database link by access;
Audit alter user by access;
Audit create user by access;
Audit create session whenever not successful;
Audit drop user by access;
Audit alter database by access;
Audit alter system by access;
Audit alter profile by access;
Audit drop profile by access;
Issue:
Now when I create and drop table; I'm not getting a record in sys.aud$. (Audit create any table by access; and Audit drop any table by access;)
I know audit is on because when I intentionally try log in with incorrect password, a record is created in sys.aud$ (Audit create session whenever not successful;)
Question
What am I doing wrong / missing?
Thank you.