My Oracle Support Banner

Can Oracle Audit Vault Database Firewall Read Custom Log File configured in a Non Default Location in Operating System (Doc ID 2413674.1)

Last updated on JUNE 21, 2021

Applies to:

Oracle Audit Vault and Database Firewall - Version and later
Information in this document applies to any platform.


Evaluating Oracle Audit Vault and Database Firewall hereafter referred as AVDF for reading custom operating system auditing log file at the non-default location. After configuring the Directory audit trail for the custom log file, the audit trail does not start and encounters an error. 

Sample Error in Collector log file:



by Default, DIRECTORY audit trail, which Collects audit data from the audit.log file. Default location of audit.log (/var/log/audit/audit*.log) or any custom location configured in the /etc/audit/auditd.conf file.

There is another log file named as "userlog.log" at path /var/log/userlog.log. This file collects OS auditing data based on custom scripting. Trying to add this custom audit log file in AVDF, although its syntax

is much more different than default OS audit.log file.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.