Trigger Used to Audit Enterprise Users Does Not Populate DBA_AUDIT_TRAIL.COMMENT_TEXT
Last updated on JULY 09, 2017
Applies to:Advanced Networking Option - Version 188.8.131.52 and later
Information in this document applies to any platform.
When Enterprise Users using a shared schema connect to a database, the DN of the Enterprise User can be recorded in DBA_AUDIT_TRAIL.COMMENT_TEXT (not CLIENT_ID), but only for LOGON and LOGOFF audit records, using the technique described in <Note 465674.1>.
For other types of audited actions, one can write a custom trigger that uses SYS_CONTEXT( 'USERENV' , 'EXTERNAL_NAME' ) to obtain the DN of the Enterprise User, followed by DBMS_SESSION.SET_IDENTIFIER to set the CLIENT_ID, which will then be captured in DBA_AUDIT_TRAIL.COMMENT_TEXT.
However, the trigger seems not to fire for certain users, who have the same enterprise roles and privileges as users for whom the trigger is working.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms