Skip to main content

Audit Lookup

The Audit Lookup screen is the detail view of the database-level audit. One line per (Application, Row, Column, Audit type, Value). Each row pairs a column with its BEFORE and AFTER value at the time of the operation, joining the audit header with the audit values.

This is the screen auditors open to see what changed inside the row — not just that the row changed.

At a glance

Nomasx-1 · Database · Audit LookupDATEUSERNAMETABLETYPECOLUMNVALUEOPERATION2026-05-14JDOEF0411BEFORERPAA1 250.00UPDATE2026-05-14JDOEF0411AFTERRPAA1 500.00UPDATE2026-05-14JDOEF0411BEFORERPDOCVCHR-0042UPDATE2026-05-14JDOEF0411AFTERRPDOCVCHR-0042UPDATE

Goal of the view

For each column captured in an audited operation:

  • What changed. BEFORE + AFTER on the same column makes the modification visible in one read.
  • Joined to the user and the operation. The header context (date, table, user, operation) is repeated on each row — handy when filtering on a specific column or value.
  • Source of evidence. A row here is the proof that an operation took place. Auditors paste it into the SOX finding.

Columns

ColumnSourceWhat it tells you
Application IDAUD_APPS_ID — application identifier. Filterable.The connected application.
Row IDAUD_ROW_ID — internal row identifier.Stable reference across audit entries.
Transaction dateAUD_DT_TRANSACTION — date. Filterable.When the operation happened.
UsernameAUD_USERNAME — application or DB user. Filterable.Who performed the operation.
TableAUD_SEG_NAME — table name. Filterable.Object that was changed.
TypeAUD_TYPEBEFORE / AFTER.Snapshot side.
ColumnAUD_NAME — column name. Filterable.Which column the value applies to.
ValueAUD_VALUE — raw value. Filterable.The value snapshotted.
OperationAUD_OPERATIONINSERT / UPDATE / DELETE.What the underlying operation was.
SchemaAUD_SEG_OWNER — database schema.Where the table lives.

Tips & best practices

  • Filter on a Column + Value to ask who changed this field to that value, and when.
  • Group rows by Row ID to read a full before/after for the same record — the most useful view for auditors.
  • Use the Operation filter to scope the search to a specific kind of mutation. DELETE rows have no AFTER value — only BEFORE.
  • Cross-reference with the Audit Trail header to confirm the row count of an operation matches the number of rows you can see at this level.