CDB common audit policy does not generate any audit record in PDB (Doc ID 3060539.1)

Last updated on DECEMBER 23, 2024

Applies to:

Symptoms

Created a CDB common audit policy and notice that it does not generate any audit record in PDB.

If the same policy is created locally in the PDB(LOCAL AUDIT POLICY), audit records are generated. 

Changes

 A CDB Common audit policy created to audit "Create Table" actions ...

[oracle@Host]$ sqlplus / as sysdba

SYS@CDB >CREATE AUDIT POLICY TEST_POLICY ACTIONS CREATE TABLE CONTAINER=ALL;

Audit policy created.

SYS@CDB>AUDIT POLICY TEST_POLICY ;

Audit succeeded.

SYS@CDB>SELECT * FROM SYS.AUDIT_UNIFIED_ENABLED_POLICIES where policy_name='TEST_POLICY';

POLICY_NAME   ENABLED_OPTION  ENTITY_NAME  ENTITY_ SUC FAI
--------------------------------------------------------------------------------
TEST_POLICY   BY USER   ALL USERS   USER YES YES

... go to the PDB to verify the created audit policy is there ...  

SYS@CDB >alter session set container=PDB1;

Session altered.

SYS@PDB1 >SELECT * FROM SYS.AUDIT_UNIFIED_ENABLED_POLICIES where policy_name='TEST_POLICY';

POLICY_NAME  ENABLED_OPTION   ENTITY_NAME  ENTITY_ SUC FAI

-----------------------------------------------------------------------------------
TEST_POLICY    BY USER  ALL USERS  USER YES YES  

... now reproduce the event (create table) at PDB level

> conn UserTest/Password@pdb1                           ('UserTest' is a Local User) 

> create table test (a number);

USERTEST@PDB1 >select dbusername,action_name from UNIFIED_AUDIT_TRAIL where event_timestamp >= to_Date('11/05/2024 14:01','MM/DD/YYYY HH24:MI') /

no rows selected

 ... Event was not audited by Common audit policy 'TEST_POLICY' at PDB level. 

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.