ORACLE审计初步入门
【转自】http://space.itpub.net/9240380/viewspace-614029
1,术语简解
dbms_fga包是oracle本身自具功能强大的pl/sql包,实现表级各种select,insert ,delete,update操作的日志记录
dbms_fga包适用于oracle cbo优化器模型.(注:从oracle 9i后,oracle默认就是采用cbo优化器模型,rbo模型基本已经f废弃)
Dbms_fga包含以下函数:
Summary of DBMS_FGA Subprograms
Table 40-1DBMS_FGA Package Subprograms
|
Subprogram |
Description |
|
ADD_POLICY Procedure |
Creates an audit policy using the supplied predicate as the audit condition |
|
DISABLE_POLICY Procedure |
Disables an audit policy |
|
DROP_POLICY Procedure |
Drops an audit policy |
|
ENABLE_POLICY Procedure |
Enables an audit policy |
2,实施步骤
SQL>exec dbms_fga.add_policy(object_schema=>'zxy',
statement_types=>'select,insert,update,delete');
PL/SQL procedure successfully completed.
SQL> conn zxy/system
Connected.
SQL> select * from mv;
no rows selected
SQL> conn /as sysdba
Connected.
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail;
TIMESTAMP DB_USER OS_USER SQL_TEXT
--------------- ---------------- ------------------------------ -------------------------------------------
03-SEP-09 ZXY ora10g select * from mv
SQL> conn zxy/system
Connected.
SQL> insert into mv values(1);
1 row created.
SQL> commit;
Commit complete.
SQL> conn /as sysdba
Connected.
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail;
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ---------------- ------------------------- -----------------------------------------------------------
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g insert into mv values(1)
b,禁用申计策略
SQL>exec dbms_fga.disable_policy(object_schema=>'zxy',
object_name=>'mv',
policy_name=>'mypolicy1');
PL/SQL procedure successfully completed.
测试审计功能
SQL> conn zxy/system
Connected.
SQL> delete from mv;
1 row deleted.
SQL> commit;
Commit complete.
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail; --注:delete的操作日志未被申计记录
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ------------------ -------------------------- -----------------------------------------------------------------
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g insert into mv values(1)
SQL> conn zxy/system
Connected.
SQL> insert into mv values(1);
1 row created.
SQL> insert into mv values(2);
1 row created.
SQL> commit;
Commit complete.
SQL>conn /as sysdba
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail;
注:以上两句insert未被申计记录
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ---------------------- ------------------------ --------------------------------------------------------
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g insert into mv values(1)
c,启用申计策略
SQL>exec dbms_fga.enable_policy(object_schema=>'zxy',
object_name=>'mv',
policy_name=>'mypolicy1');
PL/SQL procedure successfully completed.
测试审计功能
SQL> delete from mv where a=2; --此delete已被申计记录
1 row deleted.
SQL> commit;
Commit complete.
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail;
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ---------------------- ------------------------ --------------------------------------------------------
03-SEP-09 ZXY ora10g delete from mv where a=2
SQL> select * from mv;
A
----------
1
select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail;
03-SEP-09 ZXY
ora10g
select * from mv
TIMESTAMP DB_USER
--------- ------------------------------
OS_USER
--------------------------------------------------------------------------------
SQL_TEXT
--------------------------------------------------------------------------------
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ---------------------- ------------------------ --------------------------------------------------------
03-SEP-09 ZXY ora10g insert into mv values(1)
03-SEP-09 ZXY ora10g delete from mv where a=2
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g
d,删除申计策略
SQL>exec dbms_fga.drop_policy(object_schema=>'zxy',
object_name=>'mv',
policy_name=>'mypolicy1');
PL/SQL procedure successfully completed.
测试申计功能
SQL> insert into mv values(9);
1 row created.
SQL> delete from mv where a=9;
1 row deleted.
SQL> commit;
Commit complete.
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail; --以上insert及delete语句的操作未被申计记录
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ---------------------- ------------------------ --------------------------------------------------------
03-SEP-09 ZXY ora10g delete from mv where a=2
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g insert into mv values(1)
SQL> select * from mv;
A
----------
1
SQL> select timestamp,db_user,os_user,sql_text from dba_fga_audit_trail; --以上select的操作未被申请记录
TIMESTAMP DB_USER OS_USER SQL_TEXT
-------------- ---------------------- ------------------------ --------------------------------------------------------
03-SEP-09 ZXY ora10g delete from mv where a=2
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g select * from mv
03-SEP-09 ZXY ora10g insert into mv values(1)
ORACLE审计初步入门相关推荐
- oracle 关闭audit,关于Oracle审计(audit)
Oracle审计可以查询到某个用户对DB做了哪些操作,10g后,可以查询到具体的sql语句,很有用.审计功能开户的整个过程: Oracle审计可以查询到某个用户对DB做了哪些操作,10g后,可以查询到 ...
- SQL Server审计功能入门:CDC(Change Data Capture)
原文:SQL Server审计功能入门:CDC(Change Data Capture) 介绍 SQL Server 2008引入了CDC(Change Data Capture),它能记录: 1. ...
- Oracle数据库基础入门《二》Oracle内存结构
Oracle数据库基础入门<二>Oracle内存结构 Oracle 的内存由系统全局区(System Global Area,简称 SGA)和程序全局区(Program Global Ar ...
- Oracle 审计文件
Oracle审计功能: Oracle11g推出了审计功能,但这个功能会针对很多操作都产生审计文件.aud,日积月累下来这些文件也很多, 默认情况下,系统为了节省资源,减少I/0操作,其审计功能是关闭的 ...
- Shel脚本-初步入门之《03》
Shel脚本-初步入门-Shell 脚本在 Linux 运维工作中的地位 3.Shell 脚本在 Linux 运维工作中的地位 Shell 脚本语言很适合用于处理纯文本类型的数据,而 Linux 系统 ...
- Oracle数据库基础入门《一》Oracle服务器的构成
Oracle数据库基础入门<一>Oracle服务器的构成 Oracle 服务器是一个具有高性能和高可靠性面向对象关系型数据库管理系统,也是一 个高效的 SQL 语句执行环境. Oracle ...
- mssql 数据库审计账户_SQLServer数据库审计功能入门之SQL Server审核 (SQL Server Audit)...
本文主要向大家介绍了SQLServer数据库审计功能入门之SQL Server审核,通过具体的内容向大家展现,希望对大家学习SQLServer数据库有所帮助. 介绍 Audit是SQL Server ...
- Oracle审计功能
1.什么是审计 审计(Audit)用于监视用户所执行的数据库操作,审计记录可存在数据字典表(称为审计记录:存储在system表空间中的 SYS.AUD$表中,可通过视图dba_audit_trail查 ...
- Oracle PL/SQL入门
Oracle PL/SQL入门 为了解决纯SQL语句的缺陷问题,采取了PL/SQL(Procedure Language/Structured Query Language)的方式进行解决. 纯SQL ...
最新文章
- 将项目通过git上传到bitbucket仓库 (附图)
- 菜鸟实时数仓技术架构演进
- Python 3 判断2个字典相同
- 由动态分配和静态分配的数据在内存组成区别
- Hibernate的懒加载问题
- 端口以及服务常用cmd
- 通孔的作用是什么linux,电路板空洞的作用是什么 如何区分PTH与NPTH两种通孔
- android studio打印日志语句Log.d()
- 如何在几天时间内快速理解一个陌生行业?
- 电脑的基础知识_电脑的基础知识大全,你确定都知道?
- [转载] 【Python】向json文件中追加新的对象
- vue框架安装mock
- (原)使用ass字幕文件通过ffmpeg给视频添加字幕的一些研究
- 《Linux篇》超详细安装FinalShell并连接Linux教程
- codewars体验
- 黄向东:工业物联网数据库 IoTDB及其应用
- PyCharm下载和安装
- 机器学习算法--分类的衡量指标(误差矩阵或混淆矩阵)
- visio2019中文版(64位)
- android gtd_GTD重置