Oracle審計(轉)
Oracle審計
1.
AUDIT_SYS_OPERATIONS = TRUE審計管理使用者(以sysdba/sysoper角色登陸)
windows平臺會儲存到Event Viewer日誌檔案中,諸如
CONNECT / AS SYSDBA;
ALTER SYSTEM FLUSH SHARED_POOL;
UPDATE salary SET base=1000 WHERE name='myname';
的操作都會記錄到windows事件中
AUDIT_TRAIL=OS時AUDIT_FILE_DEST定義審計的destination
2.
相關的檢視
-- 審計記錄
select * from sys.aud$
select * from dba_audit_trail
select * from dba_common_audit_trail
-- action的定義
select * from audit_actions
3.
多層環境下的審計
appserve-應用伺服器
jackson-client?
AUDIT SELECT TABLE BY appserve ON BEHALF OF jackson;
4.
審計選項
Statement-諸如CREATE TABLE, TRUNCATE TABLE, COMMENT ON TABLE, and DELETE [FROM] TABLE等語句
Privilege-AUDIT CREATE ANY TRIGGER會審計使用CREATE ANY TRIGGER許可權執行的語句
Object-審計特定物件上的特定語句,比如emp表上的ALTER TABLE語句
5.
BY SESSION/BY ACCESS-每個session或者每次訪問
WHENEVER SUCCESSFUL/WHENEVER NOT SUCCESSFUL-成功/不成功
6.
審計連線或斷開連線:
AUDIT SESSION;
-- 指定使用者
AUDIT SESSION BY jeff, lori;
審計許可權(使用該許可權才能執行的操作):
AUDIT DELETE ANY TABLE BY ACCESS WHENEVER NOT SUCCESSFUL;
AUDIT DELETE ANY TABLE;
AUDIT SELECT TABLE, INSERT TABLE, DELETE TABLE, EXECUTE PROCEDURE
BY ACCESS WHENEVER NOT SUCCESSFUL;
物件審計:
AUDIT DELETE ON jeff.emp;
AUDIT SELECT, INSERT, DELETE ON jward.dept BY ACCESS WHENEVER SUCCESSFUL;
7.
取消審計
NOAUDIT session;
NOAUDIT session BY jeff, lori;
NOAUDIT DELETE ANY TABLE;
NOAUDIT SELECT TABLE, INSERT TABLE, DELETE TABLE,EXECUTE PROCEDURE;
-- 取消所有statement審計
NOAUDIT ALL;
-- 取消所有許可權審計
NOAUDIT ALL PRIVILEGES;
-- 取消所有物件審計
NOAUDIT ALL ON DEFAULT;
8.
清除審計資訊
DELETE FROM SYS.AUD$;
DELETE FROM SYS.AUD$ WHERE obj$name='EMP';
9.
審計檢視
STMT_AUDIT_OPTION_MAP-審計選項型別程式碼
AUDIT_ACTIONS-action程式碼
ALL_DEF_AUDIT_OPTS-物件建立時預設的物件審計選項
DBA_STMT_AUDIT_OPTS-當前資料庫系統審計選項
DBA_PRIV_AUDIT_OPTS-許可權審計選項
DBA_OBJ_AUDIT_OPTS
USER_OBJ_AUDIT_OPTS-物件審計選項
DBA_AUDIT_TRAIL
USER_AUDIT_TRAIL-審計記錄
DBA_AUDIT_OBJECT
USER_AUDIT_OBJECT-審計物件列表
DBA_AUDIT_SESSION
USER_AUDIT_SESSION-session審計
DBA_AUDIT_STATEMENT
USER_AUDIT_STATEMENT-語句審計
DBA_AUDIT_EXISTS-使用BY AUDIT NOT EXISTS選項的審計
DBA_AUDIT_POLICIES-審計POLICIES
DBA_COMMON_AUDIT_TRAIL-標準審計+精細審計
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/756652/viewspace-242220/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- oracle審計-細粒度(轉)Oracle
- oracle10g審計(轉)Oracle
- 轉載:Oracle審計功能(Oracle10g)Oracle
- Oracle審計Oracle
- oracle 審計Oracle
- Oracle:審計清理Oracle
- Oracle審計列表Oracle
- Oracle 審計 auditOracle
- Oracle審計例子Oracle
- Oracle 審計功能Oracle
- oracle審計功能Oracle
- oracle 審計(Audit)Oracle
- 轉載:Oracle10g新特性——審計Oracle
- ORACLE AUDIT審計(1)Oracle
- oracle細粒度審計Oracle
- oracle標準審計Oracle
- ORACLE的 審計功能Oracle
- Oracle FGA審計功能Oracle
- 再談審計專案審計質量(轉)
- Oracle Database標準審計和細粒度審計功能OracleDatabase
- oracle 細粒度審計(fga)Oracle
- oracle 審計日誌清理Oracle
- oracle開啟audit(審計)Oracle
- 關於oracle審計功能Oracle
- oracle11g審計Oracle
- oracle審計簡單示例Oracle
- oracle-審計導數Oracle
- Oracle10g審計Oracle
- Oracle 審計的初步操作Oracle
- Oracle Audit 審計 說明Oracle
- [zt] ORACLE審計小結Oracle
- 【安全】oracle 標準審計Oracle
- Oracle中審計引數audit_trail的討論(轉)OracleAI
- Oracle OCP(52):細粒度審計Oracle
- Oracle OCP(50):審計簡介Oracle
- Oracle OCP(51):簡單審計Oracle
- oracle fga審計(欄位級)Oracle
- Oracle audit 審計功能說明Oracle