11章.审计
审计包括:登录审计、数据库审计、对象审计
查看审计参数,看是否开启审计,默认为节约资源不开启
SQL> show parameter audit_trail;
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_trail string DB
1.开启数据库审计
SQL> alter system set audit_trail=db,extended scope=spfile;
System altered.
关闭数据库审计
SQL> alter system set audit_trail=false scope=spfile;
System altered.
2.设置登录审计
每一个连接Oracle的用户均审计:
SQL> audit session;
Audit succeeded.
取消登录审计:
SQL> noaudit session;
Noaudit succeeded.
审计登录不上的活动:
SQL> audit session wheneven not successful;
Audit succeeded.
审计登录上的活动:
SQL> audit session wheneven successful;
Audit succeeded.
登录审计信息在表dba_audit_session
3.对象审计
对表好人hr.employees进行查询审计
SQL> audit select on hr.employees;
Audit succeeded.
对表hr.departments进行增删改查审计
SQL> audit all on hr.departments;
Audit succeeded.
取消以上两个审计
SQL> noaudit select on hr.employees;
Noaudit succeeded.
SQL> noaudit all on hr.departments;
Noaudit succeeded.
4.查询审计信息
所有审计数据放在表sys.aud$
可以删除该表中的一些审计数据,也可以truncate table sys.aud$清空审计信息。
| 欢迎光临 重庆思庄Oracle、Redhat认证学习论坛 (http://bbs.cqsztech.com/) | Powered by Discuz! X3.2 |