When doing Audit on any table on the the database , the default auditing is DB. SQL > show parameters audit_trail NAME TYPE VALUE ------------------------------------ ----------- ------------------------------ audit_trail string DB in this case , when you do audit on some table. SQL> audit all on scott.emp by access; Audit succeeded SQL> update emp set sal=sal*0.95 where job='MANAGER'; 3 rows updated. if you want to know the statement made these changes, you will receive nothing on the sql_text field while you are selecting the audit_trial table.
SQL Injection , XSS , CRSF , Security misconfiguration and CSSLP