Go Up
You are here: ConfigurationConfigure Netwrix Auditor Service AccountsData Collecting AccountGrant 'Create Session' and 'Select' Privileges to Access Oracle Database

Grant 'Create Session' and 'Select' Privileges to Access Oracle Database

To grant CREATE SESSION and SELECT privileges to the account:

  1. On the computer where your database is deployed, run the sqlplus tool.
  2. Connect to your Oracle Database — use Oracle account with the SYSDBA privilege, for example:

    OracleUser as sysdba

    Enter your password.

  3. Decide on the account that will be used to access this database for audit data collection. You can:

    • Use the account that already exists

      - OR -

    • Create a new account – for that, execute:
      CREATE USER <account_name> IDENTIFIED BY PASSWORD;
  4. Grant CREATE SESSION system privilege to that account. For that, execute:
    GRANT CREATE SESSION TO <account_name>;
  5. Depending on your Oracle Database version, grant SELECT privilege on the objects listed in the table below:
    For...Execute...
    Oracle Database 12c, 18c, 19c

    In addition to the privileges above, rant the SELECT privilege on the following objects:

    • GRANT SELECT ON V_$PARAMETER TO OracleUser
    • GRANT SELECT ON GV_$INSTANCE TO OracleUser
    • GRANT SELECT ON AUDIT_UNIFIED_POLICIES TO OracleUser
    • GRANT SELECT ON AUDIT_UNIFIED_ENABLED_POLICIES TO OracleUser
    • GRANT SELECT ON ALL_UNIFIED_AUDIT_ACTIONS TO OracleUser
    • GRANT SELECT ON GV_$UNIFIED_AUDIT_TRAIL TO OracleUser
    • GRANT SELECT ON AUDSYS.AUD$UNIFIED TO OracleUser
    • GRANT SELECT ON FGA_LOG$ TO OracleUser

    Oracle Database 11g

    NOTE: Starting with version 9.96, Netwrix Auditor provides limited support of Oracle Database 11g.

     

    • GRANT SELECT ON aud$ TO <account_name>;
    • GRANT SELECT ON gv_$xml_audit_trail TO <account_name>;
    • GRANT SELECT ON dba_stmt_audit_opts TO <account_name>;
    • GRANT SELECT ON gv_$instance TO <account_name>;
    • GRANT SELECT ON v_$parameter TO <account_name>;
    • GRANT SELECT ON dba_audit_mgmt_clean_events TO <account_name>;

    • GRANT SELECT ON dba_obj_audit_opts TO <account_name>;
    • GRANT SELECT ON dba_audit_policies TO <account_name>;
    • GRANT SELECT ON fga_log$ TO <account_name>;

    NOTE: If you are going to configure Fine Grained Auditing, grant privileges depending on your Oracle Database version and make sure that you are using Oracle Database Enterprise Edition.

Go Up