The Oracle tutorial you are looking at is: Oracle 8x monitor SYSDBA role User login. Prior to the Oracle 8i release, the internal user was used to perform the database startup and shutdown, as well as create database operations; Oracle has been phasing out internal users since the 8i version, Users who are granted the SYSDBA or Sysoper roles can perform operations such as starting and shutting down the database, and still retain internal users and SVRMGRL in the 8i, but have no use for SVRMGRL tools and internal users at all. The latest release of Oracle 9i has completely eliminated SVRMGRL tools and internal users. Because of the large user rights with role SYSDBA, you can perform operations such as starting and shutting down the database, so you need to monitor users with these roles
In ORACLE database products on UNIX platforms, each time a user logs into a database with SYSDBA privileges, the system automatically creates a file named Ora_.aud, which defaults to the $oracle_home/rdbms/audit directory. The automatic creation of this file does not require the system to turn on auditing at all. In this file, the connected user, the name of the terminal machine and the login time are recorded. Based on this information, we can easily monitor who is logged into the database with SYSDBA privileges. Here is an example:
1. First connect the database server in the client Sqlplus with SYSDBA:
Sql> Conn SYS@GS1 as Sysdba
Please enter password: ********
is connected.
2. View the contents of the latest Ora_.aud file in the server-side $oracle_home/rdbms/audit directory:
As we can see from the above file, the file details the login time, the operation performed, the name of the client user, and the name of the login server terminal machine. Based on this information it is easy to determine who has logged on to the database server with SYSDBA privileges. Note that the interpretation of Chinese characters in the Ora_589980.aud file is added by the author and not automatically generated by the system.