2.18.2 Creating an auditor
To use the audit trail facility, you need to create an auditor. An auditor is an HADB user who has an audit privilege (audit admin privilege or audit viewer privilege). An auditor is responsible for the following:
-
Operating the audit trail facility
The tasks of an auditor who operates the audit trail facility include selecting the operations (audit events) for which to output an audit trail, initiating audit trail output, and revoking the audit privilege of HADB users. To operate the audit trail facility, an HADB user must have audit admin privilege.
-
Auditing
The auditor audits database usage and outputs common format audit trail files by referencing the audit trail information.
To reference audit trail information, an HADB user must have audit viewer privilege.
To create an auditor, an HADB user with the DBA privilege grants audit privilege to an HADB user by executing the GRANT statement. You can create an auditor who has only audit admin privilege, who has only audit viewer privilege, or who has both audit admin privilege and audit viewer privilege. You can also create multiple auditors. Grant the necessary privilege to the HADB user, keeping in mind the role of the auditor and the tasks they are likely to perform.