Oracle 11g DBMS_FGA包的使用
DBMS_FGA包可以用於審計在資料庫中執行的DML語句和SELECT語句
需要注意的是,執行失敗的SQL不會被記錄到審計記錄中
例如下面語句中的失敗語句,重複的主鍵欄位插入SQL不會被記錄
SQL> insert into t values(3,'Dalian',10,100);
1 row created.
SQL> commit;
Commit complete.
SQL> alter table t add primary key(a);
Table altered.
SQL> insert into t values(3,'Dalian',10,100);
insert into t values(3,'Dalian',10,100)
*
ERROR at line 1:
ORA-00001: unique constraint (SCOTT.SYS_C004949) violated
SQL> /
insert into t values(3,'Dalian',10,100)
*
ERROR at line 1:
ORA-00001: unique constraint (SCOTT.SYS_C004949) violated
--建立審計策略
BEGIN
DBMS_FGA.ADD_POLICY (
object_schema => 'SCOTT',
object_name => 'EMP',
policy_name => 'mypolicy1',
enable => TRUE,
statement_types => 'INSERT, UPDATE, DELETE, SELECT',
audit_column_opts => DBMS_FGA.ANY_COLUMNS);
END;
/
--批次建立指令碼
SELECT 'DBMS_FGA.ADD_POLICY (object_schema => ' || '''' || OWNER || '''' || ', object_name => ' || '''' || TABLE_NAME || ''''
|| ', policy_name => ' || '''' ||'POL_' || TABLE_NAME || '''' || ', enable => TRUE' || ', statement_types => '''
|| 'INSERT, UPDATE, DELETE, SELECT''' || ', audit_column_opts => DBMS_FGA.ANY_COLUMNS);'
FROM DBA_TABLES WHERE OWNER = 'SCOTT';
BEGIN
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'SMDP_SUBSCRIPTIONS', policy_name => 'POL_SMDP_SUBSCRIPTIONS', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'T', policy_name => 'POL_T', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'TAB_1', policy_name => 'POL_TAB_1', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'TAB_2', policy_name => 'POL_TAB_2', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'EMP', policy_name => 'POL_EMP', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'OSMSR_EUICC_HISTORIES', policy_name => 'POL_OSMSR_EUICC_HISTORIES', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
END;
/
--透過檢視來檢視SQL結果
select * from dba_fga_audit_trail;
--開啟審計策略
BEGIN
DBMS_FGA.ENABLE_POLICY (
object_schema => 'SCOTT',
object_name => 'EMP',
policy_name => 'mypolicy1',
enable => TRUE);
END;
/
--關閉審計策略
BEGIN
DBMS_FGA.DISABLE_POLICY (
object_schema => 'scott',
object_name => 'emp',
policy_name => 'mypolicy1');
END;
/
使用後需要刪除審計策略
--刪除審計策略
BEGIN
DBMS_FGA.DROP_POLICY (
object_schema => 'scott',
object_name => 'emp',
policy_name => 'mypolicy1');
END;
/
批次刪除語句
SELECT 'DBMS_FGA.DROP_POLICY (object_schema => ' || '''' || OWNER || '''' || ', object_name => ' || '''' || TABLE_NAME || ''''
|| ', policy_name => ' || '''' ||'POL_' || TABLE_NAME || '''' || ');'
FROM DBA_TABLES WHERE OWNER = 'SCOTT';
BEGIN
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'SMDP_SUBSCRIPTIONS', policy_name => 'POL_SMDP_SUBSCRIPTIONS');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'T', policy_name => 'POL_T');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'TAB_1', policy_name => 'POL_TAB_1');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'TAB_2', policy_name => 'POL_TAB_2');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'EMP', policy_name => 'POL_EMP');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'OSMSR_EUICC_HISTORIES', policy_name => 'POL_OSMSR_EUICC_HISTORIES');
END;
/
需要注意的是,執行失敗的SQL不會被記錄到審計記錄中
例如下面語句中的失敗語句,重複的主鍵欄位插入SQL不會被記錄
SQL> insert into t values(3,'Dalian',10,100);
1 row created.
SQL> commit;
Commit complete.
SQL> alter table t add primary key(a);
Table altered.
SQL> insert into t values(3,'Dalian',10,100);
insert into t values(3,'Dalian',10,100)
*
ERROR at line 1:
ORA-00001: unique constraint (SCOTT.SYS_C004949) violated
SQL> /
insert into t values(3,'Dalian',10,100)
*
ERROR at line 1:
ORA-00001: unique constraint (SCOTT.SYS_C004949) violated
--建立審計策略
BEGIN
DBMS_FGA.ADD_POLICY (
object_schema => 'SCOTT',
object_name => 'EMP',
policy_name => 'mypolicy1',
enable => TRUE,
statement_types => 'INSERT, UPDATE, DELETE, SELECT',
audit_column_opts => DBMS_FGA.ANY_COLUMNS);
END;
/
--批次建立指令碼
SELECT 'DBMS_FGA.ADD_POLICY (object_schema => ' || '''' || OWNER || '''' || ', object_name => ' || '''' || TABLE_NAME || ''''
|| ', policy_name => ' || '''' ||'POL_' || TABLE_NAME || '''' || ', enable => TRUE' || ', statement_types => '''
|| 'INSERT, UPDATE, DELETE, SELECT''' || ', audit_column_opts => DBMS_FGA.ANY_COLUMNS);'
FROM DBA_TABLES WHERE OWNER = 'SCOTT';
BEGIN
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'SMDP_SUBSCRIPTIONS', policy_name => 'POL_SMDP_SUBSCRIPTIONS', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'T', policy_name => 'POL_T', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'TAB_1', policy_name => 'POL_TAB_1', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'TAB_2', policy_name => 'POL_TAB_2', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'EMP', policy_name => 'POL_EMP', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
DBMS_FGA.ADD_POLICY (object_schema => 'SCOTT', object_name => 'OSMSR_EUICC_HISTORIES', policy_name => 'POL_OSMSR_EUICC_HISTORIES', enable => TRUE, statement_types => 'INSERT, UPDATE, DELETE, SELECT', audit_column_opts => DBMS_FGA.ANY_COLUMNS);
END;
/
--透過檢視來檢視SQL結果
select * from dba_fga_audit_trail;
--開啟審計策略
BEGIN
DBMS_FGA.ENABLE_POLICY (
object_schema => 'SCOTT',
object_name => 'EMP',
policy_name => 'mypolicy1',
enable => TRUE);
END;
/
--關閉審計策略
BEGIN
DBMS_FGA.DISABLE_POLICY (
object_schema => 'scott',
object_name => 'emp',
policy_name => 'mypolicy1');
END;
/
使用後需要刪除審計策略
--刪除審計策略
BEGIN
DBMS_FGA.DROP_POLICY (
object_schema => 'scott',
object_name => 'emp',
policy_name => 'mypolicy1');
END;
/
批次刪除語句
SELECT 'DBMS_FGA.DROP_POLICY (object_schema => ' || '''' || OWNER || '''' || ', object_name => ' || '''' || TABLE_NAME || ''''
|| ', policy_name => ' || '''' ||'POL_' || TABLE_NAME || '''' || ');'
FROM DBA_TABLES WHERE OWNER = 'SCOTT';
BEGIN
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'SMDP_SUBSCRIPTIONS', policy_name => 'POL_SMDP_SUBSCRIPTIONS');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'T', policy_name => 'POL_T');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'TAB_1', policy_name => 'POL_TAB_1');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'TAB_2', policy_name => 'POL_TAB_2');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'EMP', policy_name => 'POL_EMP');
DBMS_FGA.DROP_POLICY (object_schema => 'SCOTT', object_name => 'OSMSR_EUICC_HISTORIES', policy_name => 'POL_OSMSR_EUICC_HISTORIES');
END;
/
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26506993/viewspace-2131219/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- Oracle 11g UTL_FILE 包的使用方法Oracle
- oracle 11g DBMS_SQLTUNE 包的使用方法介紹OracleSQL
- Oracle 11g系統調優之dbms_sqltune包的使用OracleSQL
- DBMS_FGA簡介
- oracle包的使用(二)Oracle
- oracle dbms包和其他包的使用大全Oracle
- oracle dbms包和其他包的使用大全 (十二)Oracle
- oracle dbms包和其他包的使用大全 (十一)Oracle
- oracle dbms包和其他包的使用大全 (十)Oracle
- oracle dbms包和其他包的使用大全 (九)Oracle
- oracle dbms包和其他包的使用大全 (八)Oracle
- oracle dbms包和其他包的使用大全 (七)Oracle
- oracle dbms包和其他包的使用大全 (六)Oracle
- oracle dbms包和其他包的使用大全 (五)Oracle
- oracle dbms包和其他包的使用大全 (四)Oracle
- oracle dbms包和其他包的使用大全 (三)Oracle
- oracle dbms包和其他包的使用大全(二)Oracle
- oracle dbms包和其他包的使用大全(一)Oracle
- 使用yum安裝oracle的包Oracle
- oracle 11g adrci使用Oracle
- oracle 11g ASM 的管理使用者OracleASM
- oracle預定義的包使用小記Oracle
- Oracle 11g ADRCI工具使用Oracle
- 聊聊Oracle 11g中的char型別使用Oracle型別
- ORACLE 11g Result cache使用指南Oracle
- 使用silent模式安裝Oracle 11g模式Oracle
- Oracle 11g DRCP配置與使用(上)Oracle
- Oracle 11g DRCP配置與使用(下)Oracle
- 有用的 oracle 包Oracle
- oracle 11g 表空間使用率Oracle
- oracle 11g adrci 工具使用方法Oracle
- oracle 11g 使用 pivot/unpivot 行列轉換Oracle
- Oracle 11g使用者口令過期Oracle
- oracle 11g中的 oracle restart特性OracleREST
- Oracle 11G 閃回技術 使用Oracle閃回查詢Oracle
- Oracle物化檢視DBMS_MVIEW.EXPLAIN_MVIEW包的使用OracleViewAI
- SQL Query Result Cache的使用和配置--Oracle 11G新特性SQLOracle
- oracle中的加密包Oracle加密