Docs
Packages
Oracle Cloud Infrastructure v0.19.0, May 26 23
Oracle Cloud Infrastructure v0.19.0, May 26 23
oci.DataSafe.getAuditEvents
Explore with Pulumi AI
This data source provides the list of Audit Events in Oracle Cloud Infrastructure Data Safe service.
The ListAuditEvents operation returns specified compartmentId audit Events only.
The list does not include any audit Events associated with the subcompartments of the specified compartmentId.
The parameter accessLevel specifies whether to return only those compartments for which the
requestor has INSPECT permissions on at least one resource directly
or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if
Principal doesn’t have access to even one of the child compartments. This is valid only when
compartmentIdInSubtree is set to true.
The parameter compartmentIdInSubtree applies when you perform ListAuditEvents on the
compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned.
To get a full list of all compartments and subcompartments in the tenancy (root compartment),
set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testAuditEvents = Oci.DataSafe.GetAuditEvents.Invoke(new()
{
CompartmentId = @var.Compartment_id,
AccessLevel = @var.Audit_event_access_level,
CompartmentIdInSubtree = @var.Audit_event_compartment_id_in_subtree,
ScimQuery = @var.Audit_event_scim_query,
});
});
package main
import (
"github.com/pulumi/pulumi-oci/sdk/go/oci/DataSafe"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := DataSafe.GetAuditEvents(ctx, &datasafe.GetAuditEventsArgs{
CompartmentId: _var.Compartment_id,
AccessLevel: pulumi.StringRef(_var.Audit_event_access_level),
CompartmentIdInSubtree: pulumi.BoolRef(_var.Audit_event_compartment_id_in_subtree),
ScimQuery: pulumi.StringRef(_var.Audit_event_scim_query),
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.DataSafe.DataSafeFunctions;
import com.pulumi.oci.DataSafe.inputs.GetAuditEventsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testAuditEvents = DataSafeFunctions.getAuditEvents(GetAuditEventsArgs.builder()
.compartmentId(var_.compartment_id())
.accessLevel(var_.audit_event_access_level())
.compartmentIdInSubtree(var_.audit_event_compartment_id_in_subtree())
.scimQuery(var_.audit_event_scim_query())
.build());
}
}
import pulumi
import pulumi_oci as oci
test_audit_events = oci.DataSafe.get_audit_events(compartment_id=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),
access_level=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),
compartment_id_in_subtree=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference),
scim_query=%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testAuditEvents = oci.DataSafe.getAuditEvents({
compartmentId: _var.compartment_id,
accessLevel: _var.audit_event_access_level,
compartmentIdInSubtree: _var.audit_event_compartment_id_in_subtree,
scimQuery: _var.audit_event_scim_query,
});
variables:
testAuditEvents:
fn::invoke:
Function: oci:DataSafe:getAuditEvents
Arguments:
compartmentId: ${var.compartment_id}
accessLevel: ${var.audit_event_access_level}
compartmentIdInSubtree: ${var.audit_event_compartment_id_in_subtree}
scimQuery: ${var.audit_event_scim_query}
Using getAuditEvents
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAuditEvents(args: GetAuditEventsArgs, opts?: InvokeOptions): Promise<GetAuditEventsResult>
function getAuditEventsOutput(args: GetAuditEventsOutputArgs, opts?: InvokeOptions): Output<GetAuditEventsResult>def get_audit_events(access_level: Optional[str] = None,
compartment_id: Optional[str] = None,
compartment_id_in_subtree: Optional[bool] = None,
filters: Optional[Sequence[_datasafe.GetAuditEventsFilter]] = None,
scim_query: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAuditEventsResult
def get_audit_events_output(access_level: Optional[pulumi.Input[str]] = None,
compartment_id: Optional[pulumi.Input[str]] = None,
compartment_id_in_subtree: Optional[pulumi.Input[bool]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_datasafe.GetAuditEventsFilterArgs]]]] = None,
scim_query: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAuditEventsResult]func GetAuditEvents(ctx *Context, args *GetAuditEventsArgs, opts ...InvokeOption) (*GetAuditEventsResult, error)
func GetAuditEventsOutput(ctx *Context, args *GetAuditEventsOutputArgs, opts ...InvokeOption) GetAuditEventsResultOutput> Note: This function is named GetAuditEvents in the Go SDK.
public static class GetAuditEvents
{
public static Task<GetAuditEventsResult> InvokeAsync(GetAuditEventsArgs args, InvokeOptions? opts = null)
public static Output<GetAuditEventsResult> Invoke(GetAuditEventsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetAuditEventsResult> getAuditEvents(GetAuditEventsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:DataSafe/getAuditEvents:getAuditEvents
arguments:
# arguments dictionaryThe following arguments are supported:
- Compartment
Id string A filter to return only resources that match the specified compartment OCID.
- Access
Level string Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- Compartment
Id boolIn Subtree Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- Filters
List<Get
Audit Events Filter> - Scim
Query string The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)
Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')
- Compartment
Id string A filter to return only resources that match the specified compartment OCID.
- Access
Level string Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- Compartment
Id boolIn Subtree Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- Filters
[]Get
Audit Events Filter - Scim
Query string The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)
Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')
- compartment
Id String A filter to return only resources that match the specified compartment OCID.
- access
Level String Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id BooleanIn Subtree Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters
List<Get
Audit Events Filter> - scim
Query String The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)
Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')
- compartment
Id string A filter to return only resources that match the specified compartment OCID.
- access
Level string Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id booleanIn Subtree Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters
Get
Audit Events Filter[] - scim
Query string The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)
Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')
- compartment_
id str A filter to return only resources that match the specified compartment OCID.
- access_
level str Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment_
id_ boolin_ subtree Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters
Get
Audit Events Filter] - scim_
query str The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)
Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')
- compartment
Id String A filter to return only resources that match the specified compartment OCID.
- access
Level String Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
- compartment
Id BooleanIn Subtree Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
- filters List<Property Map>
- scim
Query String The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)
Example: query=(operationTime ge '2021-06-04T01-00-26') and (eventName eq 'LOGON')
getAuditEvents Result
The following output properties are available:
- Audit
Event List<GetCollections Audit Events Audit Event Collection> The list of audit_event_collection.
- Compartment
Id string The OCID of the compartment containing the audit event. This is the same as that of audit profile of the target database resource compartment.
- Id string
The provider-assigned unique ID for this managed resource.
- Access
Level string - Compartment
Id boolIn Subtree - Filters
List<Get
Audit Events Filter> - Scim
Query string
- Audit
Event []GetCollections Audit Events Audit Event Collection The list of audit_event_collection.
- Compartment
Id string The OCID of the compartment containing the audit event. This is the same as that of audit profile of the target database resource compartment.
- Id string
The provider-assigned unique ID for this managed resource.
- Access
Level string - Compartment
Id boolIn Subtree - Filters
[]Get
Audit Events Filter - Scim
Query string
- audit
Event List<GetCollections Audit Events Audit Event Collection> The list of audit_event_collection.
- compartment
Id String The OCID of the compartment containing the audit event. This is the same as that of audit profile of the target database resource compartment.
- id String
The provider-assigned unique ID for this managed resource.
- access
Level String - compartment
Id BooleanIn Subtree - filters
List<Get
Audit Events Filter> - scim
Query String
- audit
Event GetCollections Audit Events Audit Event Collection[] The list of audit_event_collection.
- compartment
Id string The OCID of the compartment containing the audit event. This is the same as that of audit profile of the target database resource compartment.
- id string
The provider-assigned unique ID for this managed resource.
- access
Level string - compartment
Id booleanIn Subtree - filters
Get
Audit Events Filter[] - scim
Query string
- audit_
event_ Getcollections Audit Events Audit Event Collection] The list of audit_event_collection.
- compartment_
id str The OCID of the compartment containing the audit event. This is the same as that of audit profile of the target database resource compartment.
- id str
The provider-assigned unique ID for this managed resource.
- access_
level str - compartment_
id_ boolin_ subtree - filters
Get
Audit Events Filter] - scim_
query str
- audit
Event List<Property Map>Collections The list of audit_event_collection.
- compartment
Id String The OCID of the compartment containing the audit event. This is the same as that of audit profile of the target database resource compartment.
- id String
The provider-assigned unique ID for this managed resource.
- access
Level String - compartment
Id BooleanIn Subtree - filters List<Property Map>
- scim
Query String
Supporting Types
GetAuditEventsAuditEventCollection
- Items
List<Get
Audit Events Audit Event Collection Item> Array of audit event summary.
- Items
[]Get
Audit Events Audit Event Collection Item Array of audit event summary.
- items
List<Get
Audit Events Audit Event Collection Item> Array of audit event summary.
- items
Get
Audit Events Audit Event Collection Item[] Array of audit event summary.
- items
Get
Audit Events Audit Event Collection Item] Array of audit event summary.
- items List<Property Map>
Array of audit event summary.
GetAuditEventsAuditEventCollectionItem
- Action
Taken string The action taken for this audit event.
- Audit
Event stringTime The time of the audit event occurrence in the target database.
- Audit
Location string The location of the audit. Currently the value is audit table.
- Audit
Policies string Comma-seperated list of audit policies that caused the current audit event.
- Audit
Trail stringId The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
- Audit
Type string The type of the auditing.
- Client
Hostname string The name of the host machine from which the session was spawned.
- Client
Id string The client identifier in each Oracle session.
- Client
Ip string The IP address of the host machine from which the session was spawned.
- Client
Program string The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
- Command
Param string List of bind variables associated with the command text.
- Command
Text string The SQL associated with the audit event.
- Compartment
Id string A filter to return only resources that match the specified compartment OCID.
- Database
Type string The type of the target database that was audited. Allowed values are
- DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
- AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
- INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
- Db
User stringName The name of the database user whose actions were audited.
- Dictionary<string, object>
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example:
{"Operations.CostCenter": "42"}- Error
Code string Oracle Error code generated by the action. Zero indicates the action was successful.
- Error
Message string The detailed message on why the Error occurred.
- Event
Name string The name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
- Extended
Event stringAttributes List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
- Dictionary<string, object>
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example:
{"Department": "Finance"}- Id string
The OCID of the audit event.
- Is
Alerted bool Indicates whether an alert was raised for this audit event.
- Object string
The name of the object affected by the action.
- Object
Owner string The schema name of the object affected by the action.
- Object
Type string The type of the object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
- Operation string
The name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
- Operation
Status string Indicates whether the operation was a success or a failure.
- Os
Terminal string The operating system terminal of the user session.
- Os
User stringName The name of the operating system user for the database session.
- Target
Class string The class of the target that was audited.
- Target
Id string The OCID of the target database that was audited.
- Target
Name string The name of the target database that was audited.
- Time
Collected string The timestamp when this audit event was collected from the target database by Data Safe.
- Action
Taken string The action taken for this audit event.
- Audit
Event stringTime The time of the audit event occurrence in the target database.
- Audit
Location string The location of the audit. Currently the value is audit table.
- Audit
Policies string Comma-seperated list of audit policies that caused the current audit event.
- Audit
Trail stringId The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
- Audit
Type string The type of the auditing.
- Client
Hostname string The name of the host machine from which the session was spawned.
- Client
Id string The client identifier in each Oracle session.
- Client
Ip string The IP address of the host machine from which the session was spawned.
- Client
Program string The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
- Command
Param string List of bind variables associated with the command text.
- Command
Text string The SQL associated with the audit event.
- Compartment
Id string A filter to return only resources that match the specified compartment OCID.
- Database
Type string The type of the target database that was audited. Allowed values are
- DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
- AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
- INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
- Db
User stringName The name of the database user whose actions were audited.
- map[string]interface{}
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example:
{"Operations.CostCenter": "42"}- Error
Code string Oracle Error code generated by the action. Zero indicates the action was successful.
- Error
Message string The detailed message on why the Error occurred.
- Event
Name string The name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
- Extended
Event stringAttributes List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
- map[string]interface{}
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example:
{"Department": "Finance"}- Id string
The OCID of the audit event.
- Is
Alerted bool Indicates whether an alert was raised for this audit event.
- Object string
The name of the object affected by the action.
- Object
Owner string The schema name of the object affected by the action.
- Object
Type string The type of the object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
- Operation string
The name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
- Operation
Status string Indicates whether the operation was a success or a failure.
- Os
Terminal string The operating system terminal of the user session.
- Os
User stringName The name of the operating system user for the database session.
- Target
Class string The class of the target that was audited.
- Target
Id string The OCID of the target database that was audited.
- Target
Name string The name of the target database that was audited.
- Time
Collected string The timestamp when this audit event was collected from the target database by Data Safe.
- action
Taken String The action taken for this audit event.
- audit
Event StringTime The time of the audit event occurrence in the target database.
- audit
Location String The location of the audit. Currently the value is audit table.
- audit
Policies String Comma-seperated list of audit policies that caused the current audit event.
- audit
Trail StringId The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
- audit
Type String The type of the auditing.
- client
Hostname String The name of the host machine from which the session was spawned.
- client
Id String The client identifier in each Oracle session.
- client
Ip String The IP address of the host machine from which the session was spawned.
- client
Program String The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
- command
Param String List of bind variables associated with the command text.
- command
Text String The SQL associated with the audit event.
- compartment
Id String A filter to return only resources that match the specified compartment OCID.
- database
Type String The type of the target database that was audited. Allowed values are
- DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
- AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
- INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
- db
User StringName The name of the database user whose actions were audited.
- Map<String,Object>
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example:
{"Operations.CostCenter": "42"}- error
Code String Oracle Error code generated by the action. Zero indicates the action was successful.
- error
Message String The detailed message on why the Error occurred.
- event
Name String The name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
- extended
Event StringAttributes List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
- Map<String,Object>
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example:
{"Department": "Finance"}- id String
The OCID of the audit event.
- is
Alerted Boolean Indicates whether an alert was raised for this audit event.
- object String
The name of the object affected by the action.
- object
Owner String The schema name of the object affected by the action.
- object
Type String The type of the object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
- operation String
The name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
- operation
Status String Indicates whether the operation was a success or a failure.
- os
Terminal String The operating system terminal of the user session.
- os
User StringName The name of the operating system user for the database session.
- target
Class String The class of the target that was audited.
- target
Id String The OCID of the target database that was audited.
- target
Name String The name of the target database that was audited.
- time
Collected String The timestamp when this audit event was collected from the target database by Data Safe.
- action
Taken string The action taken for this audit event.
- audit
Event stringTime The time of the audit event occurrence in the target database.
- audit
Location string The location of the audit. Currently the value is audit table.
- audit
Policies string Comma-seperated list of audit policies that caused the current audit event.
- audit
Trail stringId The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
- audit
Type string The type of the auditing.
- client
Hostname string The name of the host machine from which the session was spawned.
- client
Id string The client identifier in each Oracle session.
- client
Ip string The IP address of the host machine from which the session was spawned.
- client
Program string The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
- command
Param string List of bind variables associated with the command text.
- command
Text string The SQL associated with the audit event.
- compartment
Id string A filter to return only resources that match the specified compartment OCID.
- database
Type string The type of the target database that was audited. Allowed values are
- DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
- AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
- INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
- db
User stringName The name of the database user whose actions were audited.
- {[key: string]: any}
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example:
{"Operations.CostCenter": "42"}- error
Code string Oracle Error code generated by the action. Zero indicates the action was successful.
- error
Message string The detailed message on why the Error occurred.
- event
Name string The name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
- extended
Event stringAttributes List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
- {[key: string]: any}
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example:
{"Department": "Finance"}- id string
The OCID of the audit event.
- is
Alerted boolean Indicates whether an alert was raised for this audit event.
- object string
The name of the object affected by the action.
- object
Owner string The schema name of the object affected by the action.
- object
Type string The type of the object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
- operation string
The name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
- operation
Status string Indicates whether the operation was a success or a failure.
- os
Terminal string The operating system terminal of the user session.
- os
User stringName The name of the operating system user for the database session.
- target
Class string The class of the target that was audited.
- target
Id string The OCID of the target database that was audited.
- target
Name string The name of the target database that was audited.
- time
Collected string The timestamp when this audit event was collected from the target database by Data Safe.
- action_
taken str The action taken for this audit event.
- audit_
event_ strtime The time of the audit event occurrence in the target database.
- audit_
location str The location of the audit. Currently the value is audit table.
- audit_
policies str Comma-seperated list of audit policies that caused the current audit event.
- audit_
trail_ strid The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
- audit_
type str The type of the auditing.
- client_
hostname str The name of the host machine from which the session was spawned.
- client_
id str The client identifier in each Oracle session.
- client_
ip str The IP address of the host machine from which the session was spawned.
- client_
program str The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
- command_
param str List of bind variables associated with the command text.
- command_
text str The SQL associated with the audit event.
- compartment_
id str A filter to return only resources that match the specified compartment OCID.
- database_
type str The type of the target database that was audited. Allowed values are
- DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
- AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
- INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
- db_
user_ strname The name of the database user whose actions were audited.
- Mapping[str, Any]
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example:
{"Operations.CostCenter": "42"}- error_
code str Oracle Error code generated by the action. Zero indicates the action was successful.
- error_
message str The detailed message on why the Error occurred.
- event_
name str The name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
- extended_
event_ strattributes List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
- Mapping[str, Any]
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example:
{"Department": "Finance"}- id str
The OCID of the audit event.
- is_
alerted bool Indicates whether an alert was raised for this audit event.
- object str
The name of the object affected by the action.
- object_
owner str The schema name of the object affected by the action.
- object_
type str The type of the object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
- operation str
The name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
- operation_
status str Indicates whether the operation was a success or a failure.
- os_
terminal str The operating system terminal of the user session.
- os_
user_ strname The name of the operating system user for the database session.
- target_
class str The class of the target that was audited.
- target_
id str The OCID of the target database that was audited.
- target_
name str The name of the target database that was audited.
- time_
collected str The timestamp when this audit event was collected from the target database by Data Safe.
- action
Taken String The action taken for this audit event.
- audit
Event StringTime The time of the audit event occurrence in the target database.
- audit
Location String The location of the audit. Currently the value is audit table.
- audit
Policies String Comma-seperated list of audit policies that caused the current audit event.
- audit
Trail StringId The OCID of the audit trail that generated this audit event. To be noted, this field has been deprecated.
- audit
Type String The type of the auditing.
- client
Hostname String The name of the host machine from which the session was spawned.
- client
Id String The client identifier in each Oracle session.
- client
Ip String The IP address of the host machine from which the session was spawned.
- client
Program String The application from which the audit event was generated. Examples SQL Plus or SQL Developer.
- command
Param String List of bind variables associated with the command text.
- command
Text String The SQL associated with the audit event.
- compartment
Id String A filter to return only resources that match the specified compartment OCID.
- database
Type String The type of the target database that was audited. Allowed values are
- DATABASE_CLOUD_SERVICE - Represents Oracle Database Cloud Services.
- AUTONOMOUS_DATABASE - Represents Oracle Autonomous Databases.
- INSTALLED_DATABASE - Represents databases running on-premises or on compute instances.
- db
User StringName The name of the database user whose actions were audited.
- Map<Any>
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example:
{"Operations.CostCenter": "42"}- error
Code String Oracle Error code generated by the action. Zero indicates the action was successful.
- error
Message String The detailed message on why the Error occurred.
- event
Name String The name of the detail action executed by the user on the target database. i.e ALTER SEQUENCE, CREATE TRIGGER, CREATE INDEX.
- extended
Event StringAttributes List of all other attributes of the audit event seperated by a colon other than the one returned in audit record.
- Map<Any>
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example:
{"Department": "Finance"}- id String
The OCID of the audit event.
- is
Alerted Boolean Indicates whether an alert was raised for this audit event.
- object String
The name of the object affected by the action.
- object
Owner String The schema name of the object affected by the action.
- object
Type String The type of the object in the source database affected by the action. i.e PL/SQL, SYNONYM, PACKAGE BODY.
- operation String
The name of the action executed by the user on the target database. i.e ALTER, CREATE, DROP.
- operation
Status String Indicates whether the operation was a success or a failure.
- os
Terminal String The operating system terminal of the user session.
- os
User StringName The name of the operating system user for the database session.
- target
Class String The class of the target that was audited.
- target
Id String The OCID of the target database that was audited.
- target
Name String The name of the target database that was audited.
- time
Collected String The timestamp when this audit event was collected from the target database by Data Safe.
GetAuditEventsFilter
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
ociTerraform Provider.