Skip to main content

Audit Trail

The Audit Trail screen is the header view of the database-level audit. One line per (Application, Transaction date, Operation, Schema, Table, User). Each row counts how many records were touched in a given audited operation on a connected application — INSERT, UPDATE, DELETE or TRUNCATE.

It complements Activity log (which captures usage tracking) with low-level database mutations — the kind of trace SOX-style controls expect.

At a glance

Nomasx-1 · Database · Audit TrailAPPTRANSACTION DATEOPERATIONSCHEMATABLEUSERCOUNT122026-05-14 09:42UPDATEPRODDTAF0411JDOE42122026-05-14 02:14INSERTPRODDTAF4101SVC_BATCH12 481122026-05-13 18:51DELETEPRODDTAF0411Z1DBA_OPS3 102122026-05-13 11:08UPDATEPRODDTAF0101MSMITH7

Goal of the view

For every audited database mutation on a connected application:

  • The header. Date, operation type, schema, table, user, row count. Enough to identify the operation without yet reading every changed column.
  • Volume signal. Count surfaces mass updates and deletes — typical inputs of a SOX walkthrough.
  • Drill-down entry point. A click into a row opens the Audit Lookup screen with the before / after column values.

Columns

ColumnSourceWhat it tells you
Application IDAUD_APPS_ID — application identifier.The connected application.
Transaction dateAUD_DT_TRANSACTION — timestamp.When the operation hit the database.
OperationAUD_OPERATIONINSERT / UPDATE / DELETE / TRUNCATE.What was done.
SchemaAUD_SEG_OWNER — database schema.Where the table lives.
TableAUD_SEG_NAME — table name.Object touched.
UserAUD_USER — database account.Who executed the operation at the DB level.
CountAUD_COUNT — number of rows affected.Volume of the operation.

Tips & best practices

  • Filter on Operation = DELETE in the audit period — every deletion has to be justifiable.
  • Filter on a User to retrieve the database-level activity of a specific account. Match against the corresponding Activity log row to see whether the change was driven through the application or directly on the database.
  • A Count above the day's typical range for the same table is the kind of anomaly worth a question to the DBA team.
  • The screen is read-only for everyone except an administrator. Editable entry points exist (audit_trail_post / audit_trail_put) but are intended for the Nomasx-1 ingestion pipeline, not manual data entry.