Security Audit Levels for Users and Roles
Security audit levels can also be specified for individual users (directly or through a profile) and for roles (requires the maintain_audit privilege). You can specify the security audit level whenever you create or modify the user, profile, or role.
By default, users are audited for default events (as specified by the security audit statements). However, you can specify that a user be audited for all events and even that the query text associated with the user’s queries be audited.
Important! Because query text auditing is detailed and takes up a lot of space in the security log file, it must be explicitly enabled at the user level and using ENABLE SECURITY_AUDIT QUERY_TEXT. Otherwise, no query text auditing can take place.
By default, roles are audited according to the settings for the individuals using the role. However, because a role can give a user privileges the user does not otherwise have, you can specify that anyone who uses a role be audited for all events while using the role, regardless of that user’s audit state.
Note: Default auditing levels (as well as other default user and role attributes) are determined by the default profile. If the default profile is modified, the defaults stated in this section do not apply.