1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. DataSafe
  5. getAuditEvent
Oracle Cloud Infrastructure v1.27.0 published on Friday, Mar 15, 2024 by Pulumi

oci.DataSafe.getAuditEvent

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v1.27.0 published on Friday, Mar 15, 2024 by Pulumi

    This data source provides details about a specific Audit Event resource in Oracle Cloud Infrastructure Data Safe service.

    The ListAuditEvents operation returns specified compartmentId audit Events only. The list does not include any audit Events associated with the subcompartments of the specified compartmentId.

    The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

    The parameter compartmentIdInSubtree applies when you perform ListAuditEvents on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testAuditEvent = oci.DataSafe.getAuditEvent({
        compartmentId: _var.compartment_id,
        accessLevel: _var.audit_event_access_level,
        compartmentIdInSubtree: _var.audit_event_compartment_id_in_subtree,
        scimQuery: _var.audit_event_scim_query,
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_audit_event = oci.DataSafe.get_audit_event(compartment_id=var["compartment_id"],
        access_level=var["audit_event_access_level"],
        compartment_id_in_subtree=var["audit_event_compartment_id_in_subtree"],
        scim_query=var["audit_event_scim_query"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/go/oci/DataSafe"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := DataSafe.GetAuditEvent(ctx, &datasafe.GetAuditEventArgs{
    			CompartmentId:          _var.Compartment_id,
    			AccessLevel:            pulumi.StringRef(_var.Audit_event_access_level),
    			CompartmentIdInSubtree: pulumi.BoolRef(_var.Audit_event_compartment_id_in_subtree),
    			ScimQuery:              pulumi.StringRef(_var.Audit_event_scim_query),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testAuditEvent = Oci.DataSafe.GetAuditEvent.Invoke(new()
        {
            CompartmentId = @var.Compartment_id,
            AccessLevel = @var.Audit_event_access_level,
            CompartmentIdInSubtree = @var.Audit_event_compartment_id_in_subtree,
            ScimQuery = @var.Audit_event_scim_query,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.DataSafe.DataSafeFunctions;
    import com.pulumi.oci.DataSafe.inputs.GetAuditEventArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var testAuditEvent = DataSafeFunctions.getAuditEvent(GetAuditEventArgs.builder()
                .compartmentId(var_.compartment_id())
                .accessLevel(var_.audit_event_access_level())
                .compartmentIdInSubtree(var_.audit_event_compartment_id_in_subtree())
                .scimQuery(var_.audit_event_scim_query())
                .build());
    
        }
    }
    
    variables:
      testAuditEvent:
        fn::invoke:
          Function: oci:DataSafe:getAuditEvent
          Arguments:
            compartmentId: ${var.compartment_id}
            accessLevel: ${var.audit_event_access_level}
            compartmentIdInSubtree: ${var.audit_event_compartment_id_in_subtree}
            scimQuery: ${var.audit_event_scim_query}
    

    Using getAuditEvent

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getAuditEvent(args: GetAuditEventArgs, opts?: InvokeOptions): Promise<GetAuditEventResult>
    function getAuditEventOutput(args: GetAuditEventOutputArgs, opts?: InvokeOptions): Output<GetAuditEventResult>
    def get_audit_event(access_level: Optional[str] = None,
                        compartment_id: Optional[str] = None,
                        compartment_id_in_subtree: Optional[bool] = None,
                        scim_query: Optional[str] = None,
                        opts: Optional[InvokeOptions] = None) -> GetAuditEventResult
    def get_audit_event_output(access_level: Optional[pulumi.Input[str]] = None,
                        compartment_id: Optional[pulumi.Input[str]] = None,
                        compartment_id_in_subtree: Optional[pulumi.Input[bool]] = None,
                        scim_query: Optional[pulumi.Input[str]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetAuditEventResult]
    func GetAuditEvent(ctx *Context, args *GetAuditEventArgs, opts ...InvokeOption) (*GetAuditEventResult, error)
    func GetAuditEventOutput(ctx *Context, args *GetAuditEventOutputArgs, opts ...InvokeOption) GetAuditEventResultOutput

    > Note: This function is named GetAuditEvent in the Go SDK.

    public static class GetAuditEvent 
    {
        public static Task<GetAuditEventResult> InvokeAsync(GetAuditEventArgs args, InvokeOptions? opts = null)
        public static Output<GetAuditEventResult> Invoke(GetAuditEventInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetAuditEventResult> getAuditEvent(GetAuditEventArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: oci:DataSafe/getAuditEvent:getAuditEvent
      arguments:
        # arguments dictionary

    The following arguments are supported:

    CompartmentId string
    A filter to return only resources that match the specified compartment OCID.
    AccessLevel string
    Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
    CompartmentIdInSubtree bool
    Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
    ScimQuery string

    The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

    Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')

    CompartmentId string
    A filter to return only resources that match the specified compartment OCID.
    AccessLevel string
    Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
    CompartmentIdInSubtree bool
    Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
    ScimQuery string

    The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

    Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')

    compartmentId String
    A filter to return only resources that match the specified compartment OCID.
    accessLevel String
    Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
    compartmentIdInSubtree Boolean
    Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
    scimQuery String

    The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

    Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')

    compartmentId string
    A filter to return only resources that match the specified compartment OCID.
    accessLevel string
    Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
    compartmentIdInSubtree boolean
    Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
    scimQuery string

    The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

    Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')

    compartment_id str
    A filter to return only resources that match the specified compartment OCID.
    access_level str
    Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
    compartment_id_in_subtree bool
    Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
    scim_query str

    The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

    Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')

    compartmentId String
    A filter to return only resources that match the specified compartment OCID.
    accessLevel String
    Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
    compartmentIdInSubtree Boolean
    Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
    scimQuery String

    The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

    Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')

    getAuditEvent Result

    The following output properties are available:

    CompartmentId string
    The OCID of the compartment containing the audit event. This is the same audited target database resource comparment.
    Id string
    The provider-assigned unique ID for this managed resource.
    Items List<GetAuditEventItem>
    Array of audit event summary.
    AccessLevel string
    CompartmentIdInSubtree bool
    ScimQuery string
    CompartmentId string
    The OCID of the compartment containing the audit event. This is the same audited target database resource comparment.
    Id string
    The provider-assigned unique ID for this managed resource.
    Items []GetAuditEventItem
    Array of audit event summary.
    AccessLevel string
    CompartmentIdInSubtree bool
    ScimQuery string
    compartmentId String
    The OCID of the compartment containing the audit event. This is the same audited target database resource comparment.
    id String
    The provider-assigned unique ID for this managed resource.
    items List<GetAuditEventItem>
    Array of audit event summary.
    accessLevel String
    compartmentIdInSubtree Boolean
    scimQuery String
    compartmentId string
    The OCID of the compartment containing the audit event. This is the same audited target database resource comparment.
    id string
    The provider-assigned unique ID for this managed resource.
    items GetAuditEventItem[]
    Array of audit event summary.
    accessLevel string
    compartmentIdInSubtree boolean
    scimQuery string
    compartment_id str
    The OCID of the compartment containing the audit event. This is the same audited target database resource comparment.
    id str
    The provider-assigned unique ID for this managed resource.
    items GetAuditEventItem]
    Array of audit event summary.
    access_level str
    compartment_id_in_subtree bool
    scim_query str
    compartmentId String
    The OCID of the compartment containing the audit event. This is the same audited target database resource comparment.
    id String
    The provider-assigned unique ID for this managed resource.
    items List<Property Map>
    Array of audit event summary.
    accessLevel String
    compartmentIdInSubtree Boolean
    scimQuery String

    Supporting Types

    GetAuditEventItem

    ActionTaken string
    The action taken for this audit event.
    AuditEventTime string
    Time of audit event occurrence in the target database.
    AuditLocation string
    The location of the audit. Currently the value is audit table.
    AuditPolicies string
    Comma-seperated list of audit policies that caused the current audit event.
    AuditTrailId string
    The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
    AuditType string
    Type of auditing.
    ClientHostname string
    Name of the host machine from which the session was spawned.
    ClientId string
    The client identifier in each Oracle session.
    ClientIp string
    IP address of the host from which the session was spawned.
    ClientProgram string
    The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
    CommandParam string
    List of bind variables associated with the command text.
    CommandText string
    The SQL associated with the audit event.
    CompartmentId string
    A filter to return only resources that match the specified compartment OCID.
    DatabaseType string
    The type of the target database that was audited. Allowed values are

    • DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
    • AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
    • INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
    DbUserName string
    Name of the database user whose actions were audited.
    DefinedTags Dictionary<string, object>
    Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
    ErrorCode string
    Oracle Error code generated by the action. Zero indicates the action was successful.
    ErrorMessage string
    Detailed message on why the Error occurred.
    EventName string
    Name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
    ExtendedEventAttributes string
    List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
    FreeformTags Dictionary<string, object>
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
    Id string
    The OCID of the audit event.
    IsAlerted bool
    Indicates whether an alert was raised for this audit event.
    Object string
    Name of the object affected by the action.
    ObjectOwner string
    Schema name of object affected but the action.
    ObjectType string
    Type of object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
    Operation string
    Name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
    OperationStatus string
    Indicates whether the operation was a success or a failure.
    OsTerminal string
    The operating system terminal of the user session.
    OsUserName string
    Name of the operating system user for the database session.
    TargetClass string
    Class of the target that was audited.
    TargetId string
    The OCID of the target database that was audited.
    TargetName string
    The name of the target database that was audited.
    TimeCollected string
    Timestamp when this audit event was collected from the target database by Data Safe.
    ActionTaken string
    The action taken for this audit event.
    AuditEventTime string
    Time of audit event occurrence in the target database.
    AuditLocation string
    The location of the audit. Currently the value is audit table.
    AuditPolicies string
    Comma-seperated list of audit policies that caused the current audit event.
    AuditTrailId string
    The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
    AuditType string
    Type of auditing.
    ClientHostname string
    Name of the host machine from which the session was spawned.
    ClientId string
    The client identifier in each Oracle session.
    ClientIp string
    IP address of the host from which the session was spawned.
    ClientProgram string
    The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
    CommandParam string
    List of bind variables associated with the command text.
    CommandText string
    The SQL associated with the audit event.
    CompartmentId string
    A filter to return only resources that match the specified compartment OCID.
    DatabaseType string
    The type of the target database that was audited. Allowed values are

    • DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
    • AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
    • INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
    DbUserName string
    Name of the database user whose actions were audited.
    DefinedTags map[string]interface{}
    Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
    ErrorCode string
    Oracle Error code generated by the action. Zero indicates the action was successful.
    ErrorMessage string
    Detailed message on why the Error occurred.
    EventName string
    Name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
    ExtendedEventAttributes string
    List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
    FreeformTags map[string]interface{}
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
    Id string
    The OCID of the audit event.
    IsAlerted bool
    Indicates whether an alert was raised for this audit event.
    Object string
    Name of the object affected by the action.
    ObjectOwner string
    Schema name of object affected but the action.
    ObjectType string
    Type of object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
    Operation string
    Name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
    OperationStatus string
    Indicates whether the operation was a success or a failure.
    OsTerminal string
    The operating system terminal of the user session.
    OsUserName string
    Name of the operating system user for the database session.
    TargetClass string
    Class of the target that was audited.
    TargetId string
    The OCID of the target database that was audited.
    TargetName string
    The name of the target database that was audited.
    TimeCollected string
    Timestamp when this audit event was collected from the target database by Data Safe.
    actionTaken String
    The action taken for this audit event.
    auditEventTime String
    Time of audit event occurrence in the target database.
    auditLocation String
    The location of the audit. Currently the value is audit table.
    auditPolicies String
    Comma-seperated list of audit policies that caused the current audit event.
    auditTrailId String
    The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
    auditType String
    Type of auditing.
    clientHostname String
    Name of the host machine from which the session was spawned.
    clientId String
    The client identifier in each Oracle session.
    clientIp String
    IP address of the host from which the session was spawned.
    clientProgram String
    The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
    commandParam String
    List of bind variables associated with the command text.
    commandText String
    The SQL associated with the audit event.
    compartmentId String
    A filter to return only resources that match the specified compartment OCID.
    databaseType String
    The type of the target database that was audited. Allowed values are

    • DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
    • AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
    • INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
    dbUserName String
    Name of the database user whose actions were audited.
    definedTags Map<String,Object>
    Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
    errorCode String
    Oracle Error code generated by the action. Zero indicates the action was successful.
    errorMessage String
    Detailed message on why the Error occurred.
    eventName String
    Name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
    extendedEventAttributes String
    List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
    freeformTags Map<String,Object>
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
    id String
    The OCID of the audit event.
    isAlerted Boolean
    Indicates whether an alert was raised for this audit event.
    object String
    Name of the object affected by the action.
    objectOwner String
    Schema name of object affected but the action.
    objectType String
    Type of object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
    operation String
    Name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
    operationStatus String
    Indicates whether the operation was a success or a failure.
    osTerminal String
    The operating system terminal of the user session.
    osUserName String
    Name of the operating system user for the database session.
    targetClass String
    Class of the target that was audited.
    targetId String
    The OCID of the target database that was audited.
    targetName String
    The name of the target database that was audited.
    timeCollected String
    Timestamp when this audit event was collected from the target database by Data Safe.
    actionTaken string
    The action taken for this audit event.
    auditEventTime string
    Time of audit event occurrence in the target database.
    auditLocation string
    The location of the audit. Currently the value is audit table.
    auditPolicies string
    Comma-seperated list of audit policies that caused the current audit event.
    auditTrailId string
    The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
    auditType string
    Type of auditing.
    clientHostname string
    Name of the host machine from which the session was spawned.
    clientId string
    The client identifier in each Oracle session.
    clientIp string
    IP address of the host from which the session was spawned.
    clientProgram string
    The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
    commandParam string
    List of bind variables associated with the command text.
    commandText string
    The SQL associated with the audit event.
    compartmentId string
    A filter to return only resources that match the specified compartment OCID.
    databaseType string
    The type of the target database that was audited. Allowed values are

    • DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
    • AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
    • INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
    dbUserName string
    Name of the database user whose actions were audited.
    definedTags {[key: string]: any}
    Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
    errorCode string
    Oracle Error code generated by the action. Zero indicates the action was successful.
    errorMessage string
    Detailed message on why the Error occurred.
    eventName string
    Name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
    extendedEventAttributes string
    List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
    freeformTags {[key: string]: any}
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
    id string
    The OCID of the audit event.
    isAlerted boolean
    Indicates whether an alert was raised for this audit event.
    object string
    Name of the object affected by the action.
    objectOwner string
    Schema name of object affected but the action.
    objectType string
    Type of object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
    operation string
    Name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
    operationStatus string
    Indicates whether the operation was a success or a failure.
    osTerminal string
    The operating system terminal of the user session.
    osUserName string
    Name of the operating system user for the database session.
    targetClass string
    Class of the target that was audited.
    targetId string
    The OCID of the target database that was audited.
    targetName string
    The name of the target database that was audited.
    timeCollected string
    Timestamp when this audit event was collected from the target database by Data Safe.
    action_taken str
    The action taken for this audit event.
    audit_event_time str
    Time of audit event occurrence in the target database.
    audit_location str
    The location of the audit. Currently the value is audit table.
    audit_policies str
    Comma-seperated list of audit policies that caused the current audit event.
    audit_trail_id str
    The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
    audit_type str
    Type of auditing.
    client_hostname str
    Name of the host machine from which the session was spawned.
    client_id str
    The client identifier in each Oracle session.
    client_ip str
    IP address of the host from which the session was spawned.
    client_program str
    The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
    command_param str
    List of bind variables associated with the command text.
    command_text str
    The SQL associated with the audit event.
    compartment_id str
    A filter to return only resources that match the specified compartment OCID.
    database_type str
    The type of the target database that was audited. Allowed values are

    • DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
    • AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
    • INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
    db_user_name str
    Name of the database user whose actions were audited.
    defined_tags Mapping[str, Any]
    Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
    error_code str
    Oracle Error code generated by the action. Zero indicates the action was successful.
    error_message str
    Detailed message on why the Error occurred.
    event_name str
    Name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
    extended_event_attributes str
    List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
    freeform_tags Mapping[str, Any]
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
    id str
    The OCID of the audit event.
    is_alerted bool
    Indicates whether an alert was raised for this audit event.
    object str
    Name of the object affected by the action.
    object_owner str
    Schema name of object affected but the action.
    object_type str
    Type of object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
    operation str
    Name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
    operation_status str
    Indicates whether the operation was a success or a failure.
    os_terminal str
    The operating system terminal of the user session.
    os_user_name str
    Name of the operating system user for the database session.
    target_class str
    Class of the target that was audited.
    target_id str
    The OCID of the target database that was audited.
    target_name str
    The name of the target database that was audited.
    time_collected str
    Timestamp when this audit event was collected from the target database by Data Safe.
    actionTaken String
    The action taken for this audit event.
    auditEventTime String
    Time of audit event occurrence in the target database.
    auditLocation String
    The location of the audit. Currently the value is audit table.
    auditPolicies String
    Comma-seperated list of audit policies that caused the current audit event.
    auditTrailId String
    The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
    auditType String
    Type of auditing.
    clientHostname String
    Name of the host machine from which the session was spawned.
    clientId String
    The client identifier in each Oracle session.
    clientIp String
    IP address of the host from which the session was spawned.
    clientProgram String
    The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
    commandParam String
    List of bind variables associated with the command text.
    commandText String
    The SQL associated with the audit event.
    compartmentId String
    A filter to return only resources that match the specified compartment OCID.
    databaseType String
    The type of the target database that was audited. Allowed values are

    • DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
    • AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
    • INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
    dbUserName String
    Name of the database user whose actions were audited.
    definedTags Map<Any>
    Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
    errorCode String
    Oracle Error code generated by the action. Zero indicates the action was successful.
    errorMessage String
    Detailed message on why the Error occurred.
    eventName String
    Name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
    extendedEventAttributes String
    List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
    freeformTags Map<Any>
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
    id String
    The OCID of the audit event.
    isAlerted Boolean
    Indicates whether an alert was raised for this audit event.
    object String
    Name of the object affected by the action.
    objectOwner String
    Schema name of object affected but the action.
    objectType String
    Type of object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
    operation String
    Name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
    operationStatus String
    Indicates whether the operation was a success or a failure.
    osTerminal String
    The operating system terminal of the user session.
    osUserName String
    Name of the operating system user for the database session.
    targetClass String
    Class of the target that was audited.
    targetId String
    The OCID of the target database that was audited.
    targetName String
    The name of the target database that was audited.
    timeCollected String
    Timestamp when this audit event was collected from the target database by Data Safe.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v1.27.0 published on Friday, Mar 15, 2024 by Pulumi