audit時的by session和by access選項的區別!

warehouse發表於2011-01-26

不知道該起一個怎樣的標題,總之寫這個文章的目的是源於一個從我這兒報名考ocp的哥們的問題,他做了一個針對042題庫上第12題的測試然後向我求證答案是否正確,很顯然答案A是不正確的,原因就像下面doc說的在語句審計和許可權審計審計DDL語句時只能使用by access,可語法上oracle並沒有限制,也就是說使用by session時也不會報錯,這樣很容易引起誤導,感覺oracle在很多地方都不夠嚴謹。

Number of Audit Records from Multiple Executions of a Statement

If an audited statement is issued multiple times in a single user session, then your audit trail can have one or more related records. The controlling clause BY ACCESS causes each execution of an auditable operation within a cursor to generate a separate audit record. If you use the BY SESSION clause instead, then your audit trail will contain a single audit record for each session, for each user and schema object. Only one audit record results, no matter how often the statement occurs in that session.

However, several audit options can be set only BY ACCESS:

  • All statement audit options that audit DDL statements

  • All privilege audit options that audit DDL statements

For all other audit options, BY SESSION is used by default.

[@more@]12. You execute the following command to audit the database activities:
SQL> AUDIT DROP ANY TABLE BY scott BY SESSION WHENEVER SUCCESSFUL;
What is the effect of this command?
A. One audit record is created for the whole session if user SCOTT successfully drops one or more tables
in his session.
B. One audit record is created for every session when any user successfully drops a table owned by
SCOTT.
C. One audit record is created for each successful DROP TABLE command executed by any user to drop
tables owned by SCOTT.
D. One audit record is generated for the session when SCOTT grants the DROP ANY TABLE privilege to
other users in his session.
E. One audit record is created for each successful DROP TABLE command executed in the session of
SCOTT.
Answer: A

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/19602/viewspace-1045216/,如需轉載,請註明出處,否則將追究法律責任。

相關文章