ABSTRACT
In Chapters 9 through 11 you saw various auditing options. All these options focus on showing the “who,” “what,” “when,” “where” based on a set of criteria. Th e criteria can be a command, an object, a privilege, any combination thereof, or even an arbitrary highly granular condition. What is common to all these techniques is that they are user-focused-i.e., they log what the user did. Th ey give you the Structured Query Language (SQL) text that was performed by the user. Th ey don’t give you which data was selected by the user or what data was modifi ed by the user (in terms of what the value was before the change and what it is after the change). You can usually infer the “after value” from the SQL statement but getting the “before value” is a whole diff erent ballgame. Th is chapter outlines the various options you have for getting before and after values and selected data as part of the audit trail.
