A very intresting parameter  unified_audit_trail_exclude_columns is introduced in 23.6 release. This parameter has no official documentation about it so I played with it to understand what is used for.

The parameter by default is set to “none”. However, the parameter can accept one of the following values:  none, dp_clob_parameters1,  rls_info, sql_binds,  sql_text

Not sure why this parameter is introduced, what is the objective this parameter will serve.

I have set the parameter to sql_text as shown below:

SQL> alter system set unified_audit_trail_exclude_columns=’sql_text’;

If you create a dumy user and checking the unified audit log after setting the parameter unified_audit_trail_exclude_columns to “sql_text”:

SQL> create user c##dummy99 identified by dummy123;

Then, checking audit logs:

SQL> select OS_USERNAME,DBUSERNAME,action_name,SQL_TEXT,OBJECT_NAME from unified_audit_trail where ACTION_NAME=’CREATE USER’ order by event_timestamp desc;

So, the parameter effectively took place and the SQL_TEXT column is empty and not showing the SQL statement for the user creation, the event itself is of course recorded as shown in the above picture.