I thought for sure this was captured by "audit session", but I looked it
up and found that I was wrong. I checked both the dba_audit_session
view and the sys.aud$ table and v$session.program is not captured.
Sounds like a good enhancement request to me, but in the meantime I
think you'll have to use a logon trigger. Here is some code to get you
started (Beware - I haven't tested this, use at your own risk):
create table user_log
CREATE OR REPLACE TRIGGER "LOGON_AUDIT_TRIGGER" AFTER
LOGON ON DATABASE
sess := sys_context('USERENV','SESSIONID');
SELECT program,sid,osuser INTO prog,s_sid,s_osuser FROM v$session
WHERE audsid = sess and rownum<=1;
INSERT INTO user_log VALUES
Privileged/Confidential Information may be contained in this message or attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of this company shall be understood as neither given nor endorsed by it.