diff --git a/oci.sh b/oci.sh new file mode 100644 index 0000000..47d8ba0 --- /dev/null +++ b/oci.sh 
@@ -0,0 +1,182 @@ +#!/bin/bash + +################# FUNCTION TO DISPLAY HELP +show_help() { + echo "Usage: oci.sh [OPTION]" + echo "Options:" + echo " -lu List all users in the tenancy" + echo " -lc List all compartments in the tenancy" + echo " -la List and parse audit events for a specific user (filtered by email)///ONLY WORKS FOR OWN DATA" + echo " -h Show this help message" +} + + +SEP="echo -------------------------------" + +activate_venv() { + $SEP + echo "Activating oci-cli venv..." + source $HOME/oci-cli/oci/bin/activate + sleep 0.5 + $SEP +} + + +test_connection() { + echo "Testing Oci Connection...." + $SEP + oci iam region list > /dev/null + STATUS=$? + + if [[ $STATUS -eq 0 ]]; then + echo "Test connection to oci completed succesfully!" + else + echo "Something went wrong, check oci-cli config file" + exit 1 + fi +} + +################# LIST ALL USERS IN TENANCY +list_users_lite() { + TENANCY_ID=$(oci iam compartment list --query 'data[0]."compartment-id"' --raw-output) + echo "Listing users in tenancy: $TENANCY_ID" + $SEP + oci iam user list --compartment-id $TENANCY_ID | grep email | awk -F '"' '{print $4}' | grep -v '^$' | paste -sd ',' - + $SEP +} + +################# LIST ALL COMPARTMENTS IN TENANCY +list_compartments() { + echo "Listing all compartments in the tenancy" + $SEP + + #////////////////TABLE HEADER\\\\\\\\\\\\\\\######### + printf " %-25s | %-12s | %-25s | %-s\n" "Name" "State" "Created By" "Description" + echo "$(printf '%.0s-' {1..130})" + + #////////////FETCH AND JQ PARSE\\\\\\\\\\\\\\\# + oci iam compartment list --all --compartment-id-in-subtree true 2>/dev/null | \ + jq -r '.data[] | + [ + (.name // ""), + (.["lifecycle-state"] // ""), + (.["defined-tags"]["Oracle-Tags"]["CreatedBy"] // "" | split("/")[1] // ""), + (.description // "") + ] | + @tsv' | \ + awk -F'\t' '{printf " %-25s | %-12s | %-25s | %s\n", $1, $2, $3, $4}' + + $SEP +} + +################# LIST AUDIT EVENTS FOR USER +list_audit_events() { + TENANCY_ID=$(oci iam 
compartment list --query 'data[0]."compartment-id"' --raw-output) + echo "Enter email to search audit events:" + read -p "Email: " USER_EMAIL + + ##### SELECT TIME RANGE + echo "Select time range:" + echo "1) This day" + echo "2) Last 3 days" + echo "3) Last 10 days" + echo "4) Last month" + echo "5) Last 90 days" + read -p "Option (1-5): " TIME_OPTION + + ##### SET TIME RANGE BASED ON SELECTION + case "$TIME_OPTION" in + 1) + START_TIME=$(date -u -d '1 day ago' +"%Y-%m-%dT%H:%M:%S.000Z") + ;; + 2) + START_TIME=$(date -u -d '3 days ago' +"%Y-%m-%dT%H:%M:%S.000Z") + ;; + 3) + START_TIME=$(date -u -d '10 days ago' +"%Y-%m-%dT%H:%M:%S.000Z") + ;; + 4) + START_TIME=$(date -u -d '1 month ago' +"%Y-%m-%dT%H:%M:%S.000Z") + ;; + 5) + START_TIME=$(date -u -d '90 days ago' +"%Y-%m-%dT%H:%M:%S.000Z") + ;; + *) + echo "Invalid option. Using last 90 days." + START_TIME=$(date -u -d '90 days ago' +"%Y-%m-%dT%H:%M:%S.000Z") + ;; + esac + + END_TIME=$(date -u +"%Y-%m-%dT%H:%M:%S.000Z") + + echo "Listing audit events for user: $USER_EMAIL" + $SEP + echo "Fetching audit events (this may take a moment)..." 
+ + ################## FETCH AND PARSE AUDIT EVENTS //// WILL ONLY DISPLAY DATA OF USER MATCHING THE FINGERPRINT IN OCI-CLI CONFIG FILE (OWN DATA) + echo " Timestamp | Event | Service | Action | Status | Description | User | IP Address " + echo "$(printf '%.0s-' {1..130})" + + timeout 120 oci audit event list \ + --compartment-id $TENANCY_ID \ + --start-time "$START_TIME" \ + --end-time "$END_TIME" \ + --all 2>/dev/null | \ + jq --arg email "$USER_EMAIL" \ + '.data | + map(select( + ((.data."defined-tags"."Oracle-Tags"."CreatedBy" // "") | contains($email)) or + ((.data.identity."principal-name" // "") | contains($email)) or + ((.data."compartment-name" // "") | contains($email)) + )) | + .[] | + { + "Time": (."event-time" | split("+")[0] | split(".")[0]), + "Event": .data."event-name", + "Source": .source, + "Action": .data.request.action, + "Status": .data.response.status, + "Message": .data.response.message, + "Principal": .data.identity."principal-name", + "IP": .data.identity."ip-address" + }' \ + 2>/dev/null | \ + jq -r '[.Time, .Event, .Source, .Action, .Status, .Message, .Principal, .IP] | @tsv' | \ + column -t -s $'\t' || echo "No audit events found for: $USER_EMAIL" + + $SEP + echo "Audit events retrieval completed for: $USER_EMAIL" +} + +################# MAIN FUNC +if [[ $# -eq 0 ]]; then + #####ALWAYS ACTIVATE VENV AND TEST CONNECTION TO OCI + activate_venv + test_connection +else + case "$1" in + -lu) + activate_venv + test_connection + list_users_lite + ;; + -lc) + activate_venv + test_connection + list_compartments + ;; + -la) + activate_venv + test_connection + list_audit_events + ;; + -h|--help) + show_help + ;; + *) + echo "Unknown option: $1" + show_help + exit 1 + ;; + esac +fi
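Review bot: In list_audit_events a failed audit query is indistinguishable from an empty one: `2>/dev/null` on the `oci audit event list` stage discards the CLI's auth/permission error, no `set -o pipefail` appears anywhere in the file, so the trailing `|| echo "No audit events found for: ..."` only reflects `column`'s exit status, and a `timeout 120` that fires mid-`--all` pagination hands jq truncated JSON whose parse error is silenced too. For an audit/forensics helper that means a denied or timed-out query prints the table header and reads as "no activity", which is the wrong failure mode for an investigator; `oci iam compartment list ... 2>/dev/null` in list_compartments has the same problem. Suggest `set -o pipefail` after the shebang, keeping stderr on the `oci` stage, and checking `${PIPESTATUS[0]}` explicitly (124 is timeout's own exit status), and quoting `"$TENANCY_ID"` so an empty lookup from `--query 'data[0]."compartment-id"'` fails loudly instead of silently dropping the `--compartment-id` argument.
```shell
set -o pipefail   # a failed 'oci' stage must not be masked by jq/column succeeding

# … unchanged: help, venv activation, connection test, user/compartment listing …

  timeout 120 oci audit event list \
    --compartment-id "$TENANCY_ID" \
    --start-time "$START_TIME" \
    --end-time "$END_TIME" \
    --all | \
    jq --arg email "$USER_EMAIL" '… unchanged: principal/tag filter and field projection …' | \
    jq -r '[.Time, .Event, .Source, .Action, .Status, .Message, .Principal, .IP] | @tsv' | \
    column -t -s $'\t'
  rc=${PIPESTATUS[0]}
  if [[ $rc -eq 124 ]]; then
    echo "Audit query timed out after 120s; output above is incomplete" >&2
    exit 1
  elif [[ $rc -ne 0 ]]; then
    echo "Audit query failed (exit $rc); check audit-events permissions on $TENANCY_ID" >&2
    exit 1
  fi
```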