How to Enable Unified Auditing in Oracle E-Business Suite 12.2
Oracle EBS R12.2 Unified Auditing – Enable, Configure and Validate (Step-by-Step Guide)
Unified Auditing is Oracle Database’s consolidated auditing framework that combines standard auditing, fine-grained auditing (FGA), RMAN auditing, Data Pump auditing, and other audit mechanisms into a single unified audit trail (UNIFIED_AUDIT_TRAIL view).
In Oracle EBS R12.2, Unified Auditing is used to track sensitive object access, security object modifications, account management, login failures, and tablespace changes. It provides a centralized and secure auditing mechanism to simplify compliance and monitoring.
Prerequisites
Before proceeding, ensure that the Oracle E-Business Suite environment meets the minimum required AD and TXK code levels.
- R12.AD.C.Delta.13 (Minimum)
- R12.TXK.C.Delta.13 (Minimum)
Validate Current Auditing Status
SQL> SELECT VALUE
FROM V$OPTION
WHERE PARAMETER = 'Unified Auditing';
If the result is FALSE, Unified Auditing is not enabled.
Procedure to Enable Unified Auditing
Step 1: Stop EBS Services
$ adstpall.sh apps/<apps_password>
Step 2: Shutdown Database (All RAC Nodes)
$ sqlplus / as sysdba
SQL> shutdown immediate;
Step 3: Relink Oracle Binary (Enable Unified Audit)
$ cd $ORACLE_HOME/rdbms/lib
$ make -f ins_rdbms.mk uniaud_on ioracle ORACLE_HOME=$ORACLE_HOME
Step 4: Set audit_trail Parameter
$ sqlplus / as sysdba
SQL> startup nomount;
SQL> alter system set audit_trail=NONE scope=spfile;
SQL> shutdown immediate;
SQL> startup;
Step 5: Validate
SQL> SELECT VALUE
FROM V$OPTION
WHERE PARAMETER = 'Unified Auditing';
-- Should return TRUE
SQL> SHOW PARAMETER audit_trail;
-- Should return NONE
Step 6: Create Unified Audit User (CDB Level)
SQL> CREATE USER c##audit IDENTIFIED BY <password>;
SQL> GRANT CREATE SESSION TO c##audit CONTAINER=ALL;
SQL> GRANT AUDIT_ADMIN TO c##audit CONTAINER=ALL;
SQL> GRANT SELECT_CATALOG_ROLE TO c##audit CONTAINER=ALL;
SQL> GRANT CREATE PROCEDURE TO c##audit CONTAINER=ALL;
SQL> GRANT AUDIT SYSTEM TO c##audit CONTAINER=ALL;
SQL> GRANT AUDIT ANY TO c##audit CONTAINER=ALL;
SQL> GRANT SELECT ON SYS.audit_unified_contexts TO c##audit CONTAINER=ALL;
SQL> GRANT SELECT ON SYS.audit_unified_policies TO c##audit CONTAINER=ALL;
SQL> GRANT SELECT ON SYS.audit_unified_enabled_policies TO c##audit CONTAINER=ALL;
Step 7: Create Unified Audit User (PDB Level)
SQL> ALTER SESSION SET CONTAINER=<PDB_NAME>;
SQL> CREATE USER ebsuaad IDENTIFIED BY <password>;
SQL> GRANT CREATE SESSION TO ebsuaad;
SQL> GRANT AUDIT_ADMIN TO ebsuaad;
SQL> GRANT SELECT_CATALOG_ROLE TO ebsuaad;
SQL> GRANT CREATE PROCEDURE TO ebsuaad;
SQL> GRANT AUDIT SYSTEM TO ebsuaad;
SQL> GRANT AUDIT ANY TO ebsuaad;
SQL> GRANT SELECT ON SYS.audit_unified_contexts TO ebsuaad;
SQL> GRANT SELECT ON SYS.audit_unified_policies TO ebsuaad;
SQL> GRANT SELECT ON SYS.audit_unified_enabled_policies TO ebsuaad;
Step 8: Create EBS Unified Policies
$ cd $FND_TOP/patch/115/sql
$ sqlplus c##audit/<password>
SQL> @fnd_create_UA_policies.sql
$ sqlplus ebsuaad/<password>@<PDB_SERVICE>
SQL> @fnd_create_UA_policies.sql
Validate Enabled Policies
SQL> SHOW PDBS;
    CON_ID CON_NAME   OPEN MODE  RESTRICTED
---------- ---------- ---------- ----------
         3 ebsdb      READ WRITE NO
SQL> SELECT policy_name
FROM audit_unified_enabled_policies
ORDER BY policy_name;
POLICY_NAME
-----------------------------------------------------------------------------------------------------------------
EBS_ACTIONS_ON_SEC_OBJ
EBS_ACTIONS_ON_SENSITIVE_OBJ
EBS_AUDIT_DATAPUMP
EBS_OLS_POLICY_CHANGES
EBS_REDACTION_POLICY_CHANGES
EBS_TABLESPACE_CHANGES
EBS_VPD_POLICY_CHANGES
ORA_ACCOUNT_MGMT
ORA_DATABASE_PARAMETER
ORA_LOGON_FAILURES
10 rows selected.
The above output confirms that Unified Auditing is successfully enabled and the default EBS audit policies are active in the PDB.
Step 9: Start EBS Services
$ adstrtal.sh apps/<apps_password>
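Added example (not from the original post or from Oracle's scripts): a POSIX shell check that turns the "Validate Enabled Policies" step into a repeatable test, reporting any of the ten policies listed above that is absent from the query output, for instance after a policy has been disabled. The function names, the sample output and the spool file name are assumptions made for illustration.

```shell
# Expected policy names, copied from the sample output on this page.
EXPECTED_POLICIES="EBS_ACTIONS_ON_SEC_OBJ EBS_ACTIONS_ON_SENSITIVE_OBJ
EBS_AUDIT_DATAPUMP EBS_OLS_POLICY_CHANGES EBS_REDACTION_POLICY_CHANGES
EBS_TABLESPACE_CHANGES EBS_VPD_POLICY_CHANGES ORA_ACCOUNT_MGMT
ORA_DATABASE_PARAMETER ORA_LOGON_FAILURES"

# missing_policies: read SQL*Plus output of
#   SELECT policy_name FROM audit_unified_enabled_policies;
# on stdin and print every expected policy that is not listed.
missing_policies() {
  mp_out=$(cat)
  for mp_p in $EXPECTED_POLICIES; do
    # Whole-line match: SQL*Plus may pad the column with blanks, and a
    # longer name that merely contains the policy name must not count.
    printf '%s\n' "$mp_out" |
      grep -Eq "^[[:space:]]*${mp_p}[[:space:]]*\$" || printf '%s\n' "$mp_p"
  done
}

# check_policies: status 0 if all are enabled, else 1 with names on stderr.
check_policies() {
  cp_missing=$(missing_policies)
  [ -z "$cp_missing" ] && return 0
  printf 'unified audit policy not enabled: %s\n' $cp_missing >&2
  return 1
}

# Constructed sample: the page's output with two policies removed and
# one renamed look-alike added.
sample_drifted() {
  cat <<'EOF'
POLICY_NAME
------------------------------
EBS_ACTIONS_ON_SEC_OBJ
EBS_ACTIONS_ON_SENSITIVE_OBJ
EBS_AUDIT_DATAPUMP_OLD
EBS_OLS_POLICY_CHANGES
EBS_REDACTION_POLICY_CHANGES
EBS_TABLESPACE_CHANGES
EBS_VPD_POLICY_CHANGES
ORA_ACCOUNT_MGMT
ORA_DATABASE_PARAMETER
9 rows selected.
EOF
}

# Live use: spool the query above to a file (name is hypothetical), then
#   check_policies < enabled_policies.lst
sample_drifted | check_policies || echo "audit policy drift detected"
```

Run against the constructed sample, the check reports EBS_AUDIT_DATAPUMP and ORA_LOGON_FAILURES as not enabled and returns a non-zero status, which makes it usable from a scheduler or monitoring job.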
Procedure to Disable Unified Auditing
Relink Binary (Disable)
$ cd $ORACLE_HOME/rdbms/lib
$ make -f ins_rdbms.mk uniaud_off ioracle ORACLE_HOME=$ORACLE_HOME
Set Traditional Auditing
$ sqlplus / as sysdba
SQL> startup nomount;
SQL> alter system set audit_trail=DB scope=spfile;
SQL> shutdown immediate;
SQL> startup;
Validate
SQL> SELECT VALUE
FROM V$OPTION
WHERE PARAMETER = 'Unified Auditing';
SQL> SHOW PARAMETER audit_trail;
References
Oracle MOS Document ID 2777404.1 – Enabling Unified Auditing in Oracle E-Business Suite Release 12.2