000029915 - How to create a compressed tar archive of the grid audit files

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029915
IssueThe directory /u01/app/11.2.0/grid/rdbms/audit contains files ending in .aud which are small in size but if you have 1/2 a million or more, their size becomes relevant.  The normal tar command will result in too many arguments if you attempt to archive *.aud.
These audit files keep a record of execution of sqlplus commands and certain audit requirements may prevent the purging of these files.
ResolutionTo create a gzipped tar file and work around the too many arguments error you would normally receive follow these steps:
Access the directory as the oracle or root user:
cd to /u01/app/11.2.0/grid/rdbms/audit
Execute this command:
tar zcvf audit_`date +%Y%m%d_%H%M%S`.tar.gz --remove-files --exclude=*.tar.gz . 2> /dev/null
The command will begin to echo each file that is being archived.
As it archives each file, it will remove it from the folder.
The exclude statement in the command ensures that subsequent runs will not include the previous archive in the current.
The 2> omits an expected error at the end of the command completion where it attempts to rmdir the current non-empty directory.
You will be left with a file that is the <date and time>.tar.gz