'How to delete oracle trace and audit logs from AWS RDS?

I need to delete all the audit and trace logs, one day before, from AWWS RDS oracle 12c. But in the logs sections of RDS, still showing same count.

I tried these queries but not working.

My SQL command history below:

EXEC rdsadmin.manage_tracefiles.purge_tracefiles('alert_ORCL.log.2021-02-15');
exec rdsadmin.manage_tracefiles.purge_tracefiles(60);
exec rdsadmin.manage_auditfiles.purge_auditfiles(60);
exec rdsadmin.rdsadmin_master_util.drop_archivelog_dir;

SELECT * FROM table(rdsadmin.rds_file_util.listdir('BDUMP')) 

select nvl(sum(BLOCKS * BLOCK_SIZE),0)/1024/1024/1024 GB from V$ARCHIVED_LOG  where DEST_ID=1 and ARCHIVED='YES' and DELETED='NO';
select * from V$ARCHIVED_LOG  where DEST_ID=1 and ARCHIVED='YES' and DELETED='NO';

set serveroutput on
exec rdsadmin.rdsadmin_util.show_configuration;

begin
  dbms_audit_mgmt.set_last_archive_timestamp (
    audit_trail_type => dbms_audit_mgmt.audit_trail_xml,
    last_archive_time => sysdate
  );
end;
/ 
 
select * from dba_audit_mgmt_last_arch_ts;
 
begin
  dbms_audit_mgmt.clean_audit_trail (
    audit_trail_type => dbms_audit_mgmt.audit_trail_xml,
    use_last_arch_timestamp => true
  );
end;
/

Any suggestions please.

Tried these also

oracleoracle12c


Solution 1:[1]

"insufficient privileges" legitimately appears from time to time during learning. It is not necessarily an indication that the user is about to do something harmful or nefarious. In this case, the user is simply trying to work out how do do an unfamiliar task and control AWS costs task on a test system. Truncate table sys.audit$ is an acceptable method in some situations, but it only works as SYS. In RDS, you do not have direct access to SYS and that is why "insufficient privileges" appears.

Solution 2:[2]

Check the number and maximum age of your audit files.

set linesize 80
set trimspool on
select
count(*) num_files,
round(sum(filesize)/1024/1024) mb,
round(sysdate - min(mtime),4) days
from table(
    rdsadmin.rds_file_util.listdir(
    'ADUMP'
    )
)
where type = 'file'
and filename like '%.aud'
;

quit


 NUM_FILES         MB       DAYS
---------- ---------- ----------
      5856         58     7.0031

Then run:

SQL> set serveroutput on
SQL> exec rdsadmin.rdsadmin_util.set_configuration('tracefile retention', 0);
SQL> exec rdsadmin.manage_tracefiles.purge_tracefiles(0);

Then wait for 5 minutes and check:

 NUM_FILES         MB       DAYS
---------- ---------- ----------
         5          0      .0005

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Brian Fitzgerald
Solution 2 Brian Fitzgerald

Related Questions

Find the number of employees in each department - SQL Oracle

How to Dynamically Name Table in Oracle SQL Select Statement?

How to acess locally installed Oracle 11 g throught PL/SQL Developer 9

Conditions (like "like") on binary field (blob) in oracle

Using ODP.NET OracleAQQueue.Listen on a Multiconsumer Queue

PLS-00103 error for procedure

PL/SQL print out ref cursor returned by a stored procedure

Dynamic Column Name for a Derived Column - ORACLE SQL

SP2-0310: unable to open file .sql

How to one data file upload into multiple table by sql loader in oracle 10g example

Oracle appending string to a select statement

How would I make Flutter connection with Oracle?

Spring PreparedStatementCallback; uncategorized SQLException for SQL Invalid Column Type Oracle

Function Based Index not improving query performance

How To Set Server Output On in DataGrip