Oracle 视图 DBA_XS_AUDIT_TRAIL 官方解释，作用，如何使用详细说明

本站中文解释

Oracle 视图DBA_XS_AUDIT_TRAIL用于查询权限审计日志。它由数据库管理者的查询使用，以审查具有特权的用户的权限使用情况，确定数据库访问控制和安全策略是否被正确实施。

利用该视图，DBA可以跟踪所有特权用户（拥有SYSDBA、SYSOPER或 sys_context[‘userenv’,’authenticated_role’]角色的用户）在数据库上执行的操作。它还跟踪特权未经认证的许可动作。

使用该视图的方法：
1. 选择检查的范围，对特定的组、用户或许可进行记录
2. 运行SQL查询，查看指定的组/用户/许可的行为
例：
SELECT username, action, returncode, description
FROM dba_xs_audit_trail
WHERE username = ‘TEST_USER’
AND action = ‘grant’
AND returncode = 0;

这个查询查找“TEST_USER”执行“授予”操作但returncode为0的行为细节。

官方英文解释

DBA_XS_AUDIT_TRAIL describes all audit records specific to Oracle Database Real Application Security.

Column	Datatype	Description
`USERID`	`VARCHAR2(128)`	Name of the database user whose actions were audited
`ACTION`	`NUMBER`	Numeric audit trail action type code. The corresponding name of the action type is in the `ACTION_NAME` column.
`ACTION_NAME`	`VARCHAR2(64)`	Name of the action type corresponding to the numeric code in the `ACTION` column
`OBJ_OWNER`	`VARCHAR2(128)`	Owner of the object affected by the action
`OBJ_NAME`	`VARCHAR2(128)`	Name of the object affected by the action
`RETURN_CODE`	`NUMBER`	Oracle error code generated by the action
`XS_USER_NAME`	`VARCHAR2(128)`	Name of the Real Application Security user
`XS_SESSIONID`	`RAW(33)`	Identifer of the Real Application Security session
`XS_INACTIVITY_TIMEOUT`	`NUMBER`	Inactivity timeout of the Real Application Security session
`XS_ENTITY_TYPE`	`VARCHAR2(32)`	Type of the Real Application Security entity. Possible values are `USER`, `ROLE`, `ROLESET`, `SECURITYCLASS`, `ACL`, `DATASECURITY`, and `NSTEMPLATE`.
`XS_TARGET_PRINCIPAL_NAME`	`VARCHAR2(128)`	Target principal name in Real Application Security operations. Possible operations are set verifier, set password, add proxy, remove proxy, switch user, assign user, create session, grant roles.
`XS_PROXY_USER_NAME`	`VARCHAR2(128)`	Name of the Real Application Security proxy user.
`XS_DATASEC_POLICY_NAME`	`VARCHAR2(128)`	Name of the Real Application Security data security policy enabled or disabled
`XS_SCHEMA_NAME`	`VARCHAR2(128)`	Name of the schema in enable, disable data security policy and global callback operation
`XS_CALLBACK_EVENT_TYPE`	`VARCHAR2(32)`	Real Application Security global callback event type
`XS_PACKAGE_NAME`	`VARCHAR2(128)`	Real Application Security callback package name for the global callback
`XS_PROCEDURE_NAME`	`VARCHAR2(128)`	Real Application Security callback procedure name for the global callback
`XS_ENABLED_ROLE`	`VARCHAR2(128)`	The role that is enabled
`XS_COOKIE`	`VARCHAR2(1024)`	Real Application Security session cookie
`XS_NS_NAME`	`VARCHAR2(128)`	Name of the Real Application Security session namespace
`XS_NS_ATTRIBUTE`	`VARCHAR2(4000)`	Name of the Real Application Security session namespace attribute
`XS_NS_ATTRIBUTE_OLD_VAL`	`VARCHAR2(4000)`	The old value of the Real Application Security session namespace attribute
`XS_NS_ATTRIBUTE_NEW_VAL`	`VARCHAR2(4000)`	The new value of the Real Application Security session namespace attribute
`EVENT_TIMESTAMP`	`TIMESTAMP(6) WITH TIME ZONE`	Timestamp of audit record