My Oracle Support Banner

Trigger Used to Audit Enterprise Users Does Not Populate DBA_AUDIT_TRAIL.COMMENT_TEXT (Doc ID 2282546.1)

Last updated on JANUARY 12, 2020

Applies to:

Advanced Networking Option - Version 12.1.0.2 and later
Information in this document applies to any platform.

Symptoms

When Enterprise Users using a shared schema connect to a database, the DN of the Enterprise User can be recorded in DBA_AUDIT_TRAIL.COMMENT_TEXT (not CLIENT_ID), but only for LOGON and LOGOFF audit records, using the technique described in <Note 465674.1>.

For other types of audited actions, one can write a custom trigger that uses SYS_CONTEXT( 'USERENV' , 'EXTERNAL_NAME' ) to obtain the DN of the Enterprise User, followed by DBMS_SESSION.SET_IDENTIFIER to set the CLIENT_ID, which will then be captured in DBA_AUDIT_TRAIL.COMMENT_TEXT.

However, the trigger seems not to fire for certain users, who have the same enterprise roles and privileges as users for whom the trigger is working.

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.