Auditing - Oracle 19c database

Dear Erman,

We are 5 DBAs in our team. Recently, someone deleted table data in dev database. Since we all are using oracle user to login to server and there after connecting to database as sys user. We are unable to identify.

What is the best practice that we can have to solve those kind of issues? Please kindly share your expertise.

Thanks,

SG

First of all; eliminate using shared accounts, implement "Least Privilege" access, and enable Unified Auditing -- these are for the future.

For high-security environments, Oracle Database Vault can be used to restrict even DBAs.. I guess you already know that. You may also consider using proxy authentication.

These are all documented.

The most impactful change and the quickest move is to create five individual named database users with DBA roles, of course.