I received a list of items from a security scan that I need to implement.
Item: Ensure the 'CREATE USER' Action Audit Is Enabled
Solution: ALTER AUDIT POLICY CIS_UNIFIED_AUDIT_POLICY ADD ACTIONS CREATE USER;
Result: [Error] Execution (1: 1): ORA-46357: Audit policy CIS_UNIFIED_AUDIT_POLICY not found.
Note Provided: If you do not have CIS_UNIFIED_AUDIT_POLICY, please create one using the CREATE AUDIT POLICY statement.
Question: How to do as the Note suggests?
There is additional list of items to implement after CREATE USER like,
ALTER AUDIT POLICY CIS_UNIFIED_AUDIT_POLICY ADD ACTIONS DROP USER;
Note: Using Oracle 19C, non container db.