Auditing By Default In Oracle 11g

Among the many enhancements in Oracle 11g, very important one is the default auditing.In Oracle 11g, parameter audit_trail is set to the value DB by default. And many privileges audited by access are enabled by default.See the list below.

ALTER ANY PROCEDURE
ALTER ANY TABLE
ALTER DATABASE
ALTER PROFILE
AUDIT ROLE BY ACCESS
ALTER SYSTEM
ALTER USER
AUDIT SYSTEM
AUDIT SYSTEM BY ACCESS
CREATE ANY JOB
CREATE ANY LIBRARY
CREATE ANY PROCEDURE
CREATE ANY TABLE
CREATE EXTERNAL JOB
CREATE PUBLIC DATABASE LINK
CREATE SESSION
CREATE USER
DROP ANY PROCEDURE
DROP ANY TABLE
DROP PROFILE
DROP USER
EXEMPT ACCESS POLICY
GRANT ANY OBJECT PRIVILEGE
GRANT ANY PRIVILEGE
GRANT ANY ROLE

These options are enabled once the database is upgraded to 11g.

This is very powerful feature, but involves a whole lot of risk. When a database is upgraded, the table aud$ where audit logs are kept is located in the SYSTEM tablespace. Since auditing is enabled by default, SYSTEM tablespace may get filled up quickly. So AUD$ table should be purged on a timely manner. Or AUD$ table has to be moved out of SYSTEM tablespace.

Article by Divya