Following a question to the blog post Database Audit and Audit trail purging, I noticed something interesting about the DEFAULT_CLEANUP_INTERVAL parameter. On one hand, it is mandatory to initialize the audit trail and to define a DEFAULT_CLEANUP_INTERVAL, on the other hand, the parameter is not used at all. Oracle explains this in the MOS note Parameter DEFAULT_CLEANUP_INTERVAL of DBMS_AUDIT_MGMT.INIT_CLEANUP procedure [1243324.1]
Quote Oracle Support (MOS Note 1243324.1):
The dbms_audit_mgmt.init_cleanup parameter DEFAULT_CLEANUP_INTERVAL is not intended to be used to control the frequency of execution of audit management automatic cleanup. This parameter, although assigned a value during initialisation of audit infrastructure, is unused in current releases. However, in future releases it is intended to be used to control functionality which automatically partitions audit tables based on their archive frequency. This functionality already exists in the DBMS_AUDIT_MGMT package but is disabled in current releases. This is not a classified product bug, but expected behaviour.
According to the MOS Note DBMS_AUDIT_MGMT.CLEAN_AUDIT_TRAIL Not Clearing FGA Audit Trail When Using Last Archive Timestamp [1532676.1] it could be a no go for audit purging if DEFAULT_CLEANUP_INTERVAL has not or never been. Conclusion initialize the audit trail and define a value for the default cleanup interval but manualy setup a purge job.
I’m curious what Oracle plans for the future. Unified and self purging audit trail 🙂
A few Metalink Notes related to Audit and Audit Management.
- Master Note For Oracle Database Auditing
- Known Issues When Using: DBMS_AUDIT_MGMT
- How to Truncate, Delete, or Purge Rows from the Audit Trail Table AUD$
- DBMS_AUDIT_MGMT.CLEAN_AUDIT_TRAIL Not Clearing FGA Audit Trail When Using Last Archive Timestamp
- Parameter DEFAULT_CLEANUP_INTERVAL of DBMS_AUDIT_MGMT.INIT_CLEANUP procedure