Oracle Cloud Infrastructure Documentation

User Assessment Report

A User Assessment job generates a report that helps you identify users that pose a risk to your target database. The User Assessment report includes four charts and a table.

The following charts are displayed at the top of the report:
  • User Risk: Shows the percentage of users who are Critical Risk, High Risk, Medium Risk, and Low Risk.
  • User Roles: Compares the number of users with the DBA, DV Admin, and Audit Admin roles.
  • Last Password Change: Shows the number of users who have changed their passwords in the last 30 days, the last 30-90 days, and 90 days ago or more.
  • Last Login: Shows the number of users that signed in to the database within the last 24 hours, within the last week, within the current month, within the current year, and a year ago or more.

The table is displayed below the charts and contains the following information about each user in a target database:

  • User account name
  • Target database name
  • User type: Admin, Application, Privileged, Schema, or Non-privileged. A user with one or more of the following administrative privileges is classified as an Admin user: SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, or SYSKM. A privileged user is a user who is granted system and object privileges that classify the user as High or Very High risk.
  • A check mark if the user has the DBA, DV Admin, or Audit Admin role
  • Risk level: Low, Medium, High, and Critical
  • Status: OPEN, LOCKED, or EXPIRED & LOCKED
  • Date/time when the user last logged into the target database
  • Time duration since the user was created, for example, four months ago
  • Authentication method used by the user, for example, PASSWORD or NONE
  • Password profile used by the user, for example, DEFAULT
  • Date/time when the user's password was last changed
  • Link to the user's audit records