My Oracle Support Banner

Auditing Policy for STIG Unified Auditing to just capture STIG requirements (Doc ID 2872123.1)

Last updated on MAY 24, 2022

Applies to:

Oracle Database - Enterprise Edition - Version 19.3.0.0.0 and later
Information in this document applies to any platform.
Below is the audit policy for STIG requirements.

This comes default with 21c. However, 19c does not.

############################################################################
CREATE AUDIT POLICY ORA_STIG_RECOMMENDATIONS
PRIVILEGES ALTER SESSION
ACTIONS CREATE FUNCTION, ALTER FUNCTION, DROP FUNCTION,
CREATE PACKAGE, ALTER PACKAGE, DROP PACKAGE,
CREATE PROCEDURE, ALTER PROCEDURE, DROP PROCEDURE,
CREATE TRIGGER, ALTER TRIGGER, DROP TRIGGER,
CREATE PACKAGE BODY, ALTER PACKAGE BODY,
DROP PACKAGE BODY,
CREATE TYPE, ALTER TYPE, DROP TYPE,
CREATE TYPE BODY, ALTER TYPE BODY, DROP TYPE BODY,
CREATE LIBRARY, ALTER LIBRARY, DROP LIBRARY,
CREATE JAVA, ALTER JAVA, DROP JAVA,
CREATE OPERATOR, ALTER OPERATOR, DROP OPERATOR,
CREATE TABLE, ALTER TABLE, DROP TABLE,
CREATE VIEW, ALTER VIEW, DROP VIEW,
CREATE MATERIALIZED VIEW, ALTER MATERIALIZED VIEW,
DROP MATERIALIZED VIEW,
CREATE ASSEMBLY, ALTER ASSEMBLY, DROP ASSEMBLY,
CREATE SYNONYM, ALTER SYNONYM, DROP SYNONYM,
CREATE USER, ALTER USER, DROP USER,
GRANT, REVOKE,
CREATE ROLE, ALTER ROLE, DROP ROLE, SET ROLE,
CREATE PROFILE, ALTER PROFILE, DROP PROFILE,
CREATE LOCKDOWN PROFILE, ALTER LOCKDOWN PROFILE,
DROP LOCKDOWN PROFILE,
ALTER SYSTEM, ALTER DATABASE, ALTER PLUGGABLE DATABASE,
CREATE SPFILE, ALTER DATABASE DICTIONARY,
ADMINISTER KEY MANAGEMENT,
EXECUTE ON DBMS_JOB, EXECUTE ON DBMS_RLS,
EXECUTE ON DBMS_REDACT, EXECUTE ON DBMS_TSDP_MANAGE,
EXECUTE ON DBMS_TSDP_PROTECT,
EXECUTE ON DBMS_NETWORK_ACL_ADMIN,
EXECUTE ON DBMS_SCHEDULER
ACTIONS COMPONENT = OLS ALL';
############################################################################
AUDIT POLICY ORA_STIG_RECOMMENDATIONS;
############################################################################
############################################################################
CREATE AUDIT POLICY ORA_ALL_TOPLEVEL_ACTIONS
ACTIONS ALL ONLY TOPLEVEL;
############################################################################
AUDIT POLICY ORA_ALL_TOPLEVEL_ACTIONS BY SYS, SITEADMIN;
############################################################################
############################################################################
CREATE AUDIT POLICY ORA_LOGON_LOGOFF
ACTIONS LOGON, LOGOFF;
############################################################################
AUDIT POLICY ORA_LOGON_LOGOFF;

Goal

STIG requirements

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.