oracle audit for 11g
2019独角兽企业重金招聘Python工程师标准>>>
----SYS用户下执行
----0,检查当前数据库的失效对象。
select OWNER,OBJECT_NAME,OBJECT_TYPE,status,TIMESTAMP,LAST_DDL_TIME from dba_objects where STATUS ='INVALID';
---1,初始化清理对象和间隔,这步会对AUD$表做全表扫描,会比较慢,增加先调整表空间到users表空间。
BEGIN
DBMS_AUDIT_MGMT.init_cleanup(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FGA_STD,
default_cleanup_interval => 168 );
END;
/
BEGIN
DBMS_AUDIT_MGMT.init_cleanup(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD,
default_cleanup_interval => 168 );
END;
/
BEGIN
DBMS_AUDIT_MGMT.set_audit_trail_location(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD,
audit_trail_location_value => 'USERS');
END;
/
BEGIN
DBMS_AUDIT_MGMT.set_audit_trail_location(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FGA_STD,
audit_trail_location_value => 'USERS');
END;
/
---2,检查设置以及是否初始化完成。
COLUMN parameter_name FORMAT A30
COLUMN parameter_value FORMAT A20
COLUMN audit_trail FORMAT A20
SELECT * FROM dba_audit_mgmt_config_params WHERE PARAMETER_NAME = 'DEFAULT CLEAN UP INTERVAL';
SET SERVEROUTPUT ON
BEGIN
IF DBMS_AUDIT_MGMT.is_cleanup_initialized(DBMS_AUDIT_MGMT.AUDIT_TRAIL_DB_STD) THEN
DBMS_OUTPUT.put_line('YES');
ELSE
DBMS_OUTPUT.put_line('NO');
END IF;
END;
/
---设置保留时
BEGIN
DBMS_AUDIT_MGMT.set_last_archive_timestamp(
audit_trail_type => dbms_audit_mgmt.audit_trail_aud_std,
last_archive_time => SYSTIMESTAMP-365);
END;
/
BEGIN
DBMS_AUDIT_MGMT.set_last_archive_timestamp(
audit_trail_type => dbms_audit_mgmt.audit_trail_fga_std,
last_archive_time => SYSTIMESTAMP-365);
END;
/
---检查默认的保留时间
SELECT * FROM dba_audit_mgmt_last_arch_ts;
---创建清理的schedule
BEGIN
DBMS_AUDIT_MGMT.create_purge_job(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_DB_STD,
audit_trail_purge_interval => 168 /* hours */,
audit_trail_purge_name => 'PURGE_STD_AUDIT_TRAILS',
use_last_arch_timestamp => TRUE);
END;
/
---修改清理job的运行时间为每日凌晨2点5分。
BEGIN
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.PURGE_STD_AUDIT_TRAILS'
,attribute => 'START_DATE'
,value => TO_TIMESTAMP_TZ('2013/08/10 02:05:00.000000 +08:00','yyyy/mm/dd hh24:mi:ss.ff tzr')
);
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.PURGE_STD_AUDIT_TRAILS'
,attribute => 'REPEAT_INTERVAL'
,value => 'FREQ=WEEKLY; BYDAY=SAT'
);
END;
/
--创建一个schedule去每天设置保留时间为365天前
BEGIN
SYS.DBMS_SCHEDULER.CREATE_JOB
(
job_name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,start_date => TO_TIMESTAMP_TZ('2013/08/10 01:05:00.000000 +08:00','yyyy/mm/dd hh24:mi:ss.ff tzr')
,repeat_interval => 'FREQ=WEEKLY; BYDAY=SAT'
,end_date => NULL
,job_class => 'DEFAULT_JOB_CLASS'
,job_type => 'PLSQL_BLOCK'
,job_action => 'BEGIN
DBMS_AUDIT_MGMT.set_last_archive_timestamp(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD,
last_archive_time => SYSTIMESTAMP-365);
DBMS_AUDIT_MGMT.set_last_archive_timestamp(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FGA_STD,
last_archive_time => SYSTIMESTAMP-365);
END;'
,comments => NULL
);
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'RESTARTABLE'
,value => FALSE);
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'LOGGING_LEVEL'
,value => SYS.DBMS_SCHEDULER.LOGGING_OFF);
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE_NULL
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'MAX_FAILURES');
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE_NULL
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'MAX_RUNS');
BEGIN
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'STOP_ON_WINDOW_CLOSE'
,value => FALSE);
EXCEPTION
-- could fail if program is of type EXECUTABLE...
WHEN OTHERS THEN
NULL;
END;
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'JOB_PRIORITY'
,value => 3);
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE_NULL
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'SCHEDULE_LIMIT');
SYS.DBMS_SCHEDULER.SET_ATTRIBUTE
( name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD'
,attribute => 'AUTO_DROP'
,value => TRUE);
SYS.DBMS_SCHEDULER.ENABLE
(name => 'SYS.MOVE_LAST_TIMESTAMP_FORWARD');
END;
/
--编译对象,使用sys编译。
alter view sys.DBA_FGA_AUDIT_TRAIL compile;
alter view sys.DBA_COMMON_AUDIT_TRAIL compile;
alter view SYS.DBA_AUDIT_EXISTS compile;
alter view SYS.DBA_AUDIT_OBJECT compile;
alter view SYS.DBA_AUDIT_SESSION compile;
alter view SYS.DBA_AUDIT_STATEMENT compile;
alter view SYS.USER_AUDIT_OBJECT compile;
alter view SYS.USER_AUDIT_SESSION compile;
alter view SYS.USER_AUDIT_STATEMENT compile;
alter view SYS.USER_AUDIT_TRAIL compile;
alter public synonym DBA_COMMON_AUDIT_TRAIL compile;
alter public synonym DBA_FGA_AUDIT_TRAIL compile;
alter public synonym DBA_AUDIT_EXISTS compile;
alter public synonym USER_AUDIT_OBJECT compile;
alter public synonym DBA_AUDIT_OBJECT compile;
alter public synonym USER_AUDIT_STATEMENT compile;
alter public synonym DBA_AUDIT_STATEMENT compile;
alter public synonym USER_AUDIT_SESSION compile;
alter public synonym DBA_AUDIT_SESSION compile;
alter public synonym USER_AUDIT_TRAIL compile;
alter public synonym DBA_AUDIT_TRAIL compile;
--检查2个schedule是否设置。及运行时间是否是每天的凌晨1点5分和2点5分
SELECT owner,job_name,next_run_date FROM DBA_SCHEDULER_JOBS WHERE job_name IN ('PURGE_STD_AUDIT_TRAILS','MOVE_LAST_TIMESTAMP_FORWARD');
--检查是否有新增SYS下的失效对象。如果跟AUDIT相关的,需重编译一下。
select OWNER,OBJECT_NAME,OBJECT_TYPE,status,TIMESTAMP,LAST_DDL_TIME from dba_objects where STATUS ='INVALID';
转载于:https://my.oschina.net/u/3862440/blog/2208540
oracle audit for 11g相关推荐
- oracle audit文件,[20191128]oracle Audit文件管理2.txt
[20191128]oracle Audit文件管理2.txt --//以前的测试,http://blog.itpub.net/267265/viewspace-2646161/ => [201 ...
- [20190530]oracle Audit文件管理.txt
[20190530]oracle Audit文件管理.txt --//昨天听课,讲一些oracle相关安全的问题,对方提到audit file的管理,应该引入OS audit,这样目的是仅仅root查 ...
- Oracle Goldengate OGG 11g与各操作系统及数据库版本的兼容列表
Oracle Goldengate OGG 11g (11.1.1.0.0)与各操作系统及数据库版本的兼容列表如下,仅供参考: Oracle GoldenGate Certification Matr ...
- Oracle Enterprise Manager 11g: Empowering IT to Drive Business Value
一个介绍Oracle Enterprise Manager 11g的文档,可惜是日文的,所以大致都能够看懂:
- Oracle Grid Control 11g for linux安装和配置指南
2019独角兽企业重金招聘Python工程师标准>>> Oracle Grid Control 11g for linux安装和配置指南 原创 candon123 2010-07-1 ...
- oracle关闭 manager,Oracle Enterprise Manager 11g 启停
1.查看是否安装组件 col comp_name for a40 select comp_name,version,status from dba_registry; COMP_NAME ...
- Oracle Enterprise Manager 11g 启停
1.查看是否安装组件 col comp_name for a40 select comp_name,version,status from dba_registry; COMP_NAME ...
- Oracle data integrator 11g安装配置和一个实例应用指南pdf
<Oracle data integrator 11g安装配置和一个实例应用指南pdf> 下载地址: 网盘下载 转载于:https://www.cnblogs.com/long12365/ ...
- oracle的local,11G R2 Oracle Local Registry(OLR)
从oracle 11R2版本起在网格计算领域引进了新特性,其中之一就是grid Oracle Local Registry(OLR),做为oracle clusterware的一部分,有些人喜欢叫Or ...
最新文章
- uniapp光标自动定义到文本框_如何在Mac上的照片应用中创建自定义日历
- c++ 重载 覆盖 隐藏的区别和执行方式
- java接口有非抽象方法_如果一个类没有实现Java接口的所有抽象方法,会发生什么?...
- 如何保证redis高可用?薪资翻倍
- 统计消息总数_2019年度我国出国留学人员总数为70.35万人
- CNNIC:我国网民规模达9.4亿,月收入5000元以上的却不到1/4
- c语言中读和写的作用,C语言中对文件最基本的读取和写入函数
- Involution: Inverting the Inherence of Convolution for Visual Recognition(CVPR2021)
- ubuntu磁盘格式化
- Python中统一快速更换变量的名称
- Python爬取新闻联播(文字版)
- Combining Implicit Function Learning and Parametric Models for 3D Human Reconstruction
- 【图文详解】SpringBoot项目启动报错:The bean ‘xxxServiceImpl‘ could not be injected as a ‘xxxServiceImpl‘ ...
- WiFi-ESP8266入门http(3-1)网页认证上网-post请求(原教程)
- 核密度聚类(一)核函数、核密度估计、核密度聚类
- 【电商】电商后台---FMS财务管理系统
- 容联云CPO熊谢刚:用最合适的人机协同配比,创造AI落地最优解
- 约定由于配置(Convention over Configuration)
- 从零开始安卓无障碍服务Accessibility
- CocoaChina 允许iOS开发者相互推广自己的作品,发码大师相当不错!
热门文章
- 字节跳动实习生提出实例分割新方法:性能超过何恺明Mask R-CNN
- AI硬件碎片化难题,英特尔想用“一个API”解决,还推出新的编程语言DPC++
- Object.create(..)和new(..)的内部实现
- Android中的dispatchTouchEvent()、onInterceptTouchEvent()和onTouchEvent()
- nova resize代码调用部分分析
- 内存泄露从入门到精通三部曲之常见原因与用户实践
- Docker多容器连接-以Nginx+PHP为例
- 遇到的问题然后自己找到答案
- 好莱坞电影公司系列电影
- [一文一命令]tail命令详解