I received a list of items from a security scan that I need to implement.
Item: Ensure the 'CREATE USER' Action Audit Is Enabled
Solution: ALTER AUDIT POLICY CIS_UNIFIED_AUDIT_POLICY ADD ACTIONS CREATE USER;
Result: [Error] Execution (1: 1): ORA-46357: Audit policy CIS_UNIFIED_AUDIT_POLICY not found.
Note Provided: If you do not have CIS_UNIFIED_AUDIT_POLICY, please create one using the CREATE AUDIT POLICY statement.
Question: How to do as the Note suggests?
There is additional list of items to implement after CREATE USER like,
ALTER AUDIT POLICY CIS_UNIFIED_AUDIT_POLICY ADD ACTIONS DROP USER;
Note: Using Oracle 19C, non container db.
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Most Valuable Expert award recognizes technology experts who passionately share their knowledge with the community, demonstrate the core values of this platform, and go the extra mile in all aspects of their contributions. This award is based off of nominations by EE users and experts. Multiple MVEs may be awarded each year.
This award recognizes a member of Experts Exchange who has made outstanding contributions to the community within their first year as an expert. The Rookie of the Year is awarded to a new expert who has the highest number of quality contributions.