Disable Database Audit In Oracle 19c RAC-20220111
Disable Database Audit In Oracle 19c RAC-20220111
導讀:為什麼要使用審計呢?通常情況下是為了透過稽核來監控使用者活動。同時資料庫審計也是資料庫安全的一個重要組成部分(官方描述)。現實中生產環境開啟審計的目的:更重要的是為了滿足合規審計要求(生產環境建議開啟)。例如:等保3級測評,開啟資料庫審計是必須的。若開啟審計功能注意建立審計記錄生命週期管理,不要讓審計記錄撐爆你的資料庫。
1.環境與db版本
環境:oracle 19c rac on three nodes for redhat8.3 db版本:19.9(已應用19.9RU) SQL> select * from v$version; BANNER ---------------------------------------------------------------------------------------------------------------------------------------------------------------- BANNER_FULL -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- BANNER_LEGACY CON_ID ---------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------- Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production Version 19.9.0.0.0 Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production 0
2.檢視database auditing狀態
2.1 檢查Rac內所有節點的database auditing和sql statements with SYS authorization狀態(預設是開啟)
# 方法1,透過show parameter檢視 SQL> show parameter audit NAME TYPE VALUE ------------------------------------ ---------------------- ------------------------------ audit_file_dest string /u01/app/oracle/admin/racdb/ad ump audit_sys_operations boolean TRUE <=default enable sql statements with SYS authorization audit_syslog_level string audit_trail string DB <=dbca create database default enable database shandard auditing unified_audit_common_systemlog string unified_audit_sga_queue_size integer 1048576 unified_audit_systemlog string # 方法2,透過gv$parameter檢視檢視 col name for a40 col value for a30 set line 200 select inst_id,name,value from gv$parameter where name in ('audit_sys_operations','audit_trail') order by 1,2; INST_ID NAME VALUE ---------- ---------------------------------------- ------------------------------ 1 audit_sys_operations TRUE <=default enable sql statements with SYS authorization 1 audit_trail DB <=dbca create database default enable shandard database auditing 2 audit_sys_operations TRUE 2 audit_trail DB 3 audit_sys_operations TRUE 3 audit_trail DB 6 rows selected.
2.2 檢查Rac內所有節點的審計sunified auditing狀態(預設是關閉)
SQL> select inst_id,value,parameter from gv$option where parameter='Unified Auditing' order by 1; INST_ID VALUE PARAMETER ---------- ------------------------------ ---------------------------------------- 1 FALSE Unified Auditing 2 FALSE Unified Auditing 3 FALSE Unified Auditing # false表示未配置unified auditing
3.關閉database auditing
3.1 關閉Rac內所有節點的database auditing
關閉database auditing # audit_trail此引數僅能關閉database auditing。關於FGA的審計是無法關閉的 SQL> alter system set audit_trail=none sid='*' scope=spfile; System altered. 關閉sql statements with SYS authorization # audit_sys_operations此引數僅能減少sysdba的審計。關於sysdba的startup,shutdown,connect是無法關閉的 SQL> alter system set audit_sys_operations=false sid='*' scope=spfile; System altered.
3.2 重啟db讓引數立即生效
修改audit_trail或audit_sys_operations後需重啟db才能立即生效。 # Rac重啟db步驟 [oracle@rac3:/home/oracle]$srvctl stop database -db racdb [oracle@rac3:/home/oracle]$srvctl start database -db racdb
3.3 檢查引數是否生效
已經閉關database shandard auditing和sql statements with SYS authorization col name for a40 col value for a30 set line 200 select inst_id,name,value from gv$parameter where name in ('audit_sys_operations','audit_trail') order by 1,2;SQL> SQL> SQL> INST_ID NAME VALUE ---------- ---------------------------------------- ------------------------------ 1 audit_sys_operations FALSE <=closed 1 audit_trail NONE <=closed 2 audit_sys_operations FALSE 2 audit_trail NONE 3 audit_sys_operations FALSE 3 audit_trail NONE 6 rows selected.
4.參考文件
How to Disable Oracle Database Auditing (Doc ID 1528170.1)
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26442936/viewspace-2871551/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- Overview of Oracle Flex ASM In Oracle 19c RAC-20220111ViewOracleFlexASM
- Disable Tfa In Oracle 19c RAC-20220112Oracle
- Oracle 19c Concepts(01):Introduction to Oracle DatabaseOracleDatabase
- Oracle 19c Concepts(13):Oracle Database InstanceOracleDatabase
- Oracle 19c Database Management ToolsOracleDatabase
- [20221222]How to Enable and Disable Database Options in oracle 11g.txtDatabaseOracle
- Sqlcl 連線Oracle DataBase 19cSQLOracleDatabase
- 1 Oracle Database 19c 新特性OracleDatabase
- alter database disable thread 2Databasethread
- Oracle 19c Concepts(00):Changes in This Release for Oracle Database ConceptsOracleDatabase
- Oracle 19c Concepts(18):Concepts for Database AdministratorsOracleDatabase
- Oracle 19c Concepts(19):Concepts for Database DevelopersOracleDatabaseDeveloper
- Oracle Database 19c安裝Sample SchemasOracleDatabase
- ORACLE AUDITOracle
- Oracle 19c Concepts(17):Topics for Database Administrators and DevelopersOracleDatabaseDeveloper
- Oracle Database 19c中的自動索引OracleDatabase索引
- Oracle 19c Database Configure the HTTPS Port for EM ExpressOracleDatabaseHTTPExpress
- Oracle Audit setupOracle
- Oracle Database 19c(19.9) RAC On RedHat 8.3 Using VirtualBox and MacBookOracleDatabaseRedhatMac
- Oracle 19c DBA's Guide(01): Getting Started with Database AdministrationOracleGUIIDEDatabase
- 【kingsql分享】Oracle Database 19c的各種新特性介紹SQLOracleDatabase
- ORACLE AUDIT審計(1)Oracle
- Oracle 19c透過recover standby database from service修復GAP案例OracleDatabase
- Oracle Database 19c 中的 JSON_OBJECT 函式的增強功能OracleDatabaseJSONObject函式
- Oracle database 19c中獲取當前資料庫版本的方法OracleDatabase資料庫
- 使用免費的Oracle雲服務-在雲主機上安裝Oracle Database 19cOracleDatabase
- ORACLE database vaultOracleDatabase
- Oracle clone databaseOracleDatabase
- [20190530]oracle Audit檔案管理.txtOracle
- Oracle Database Cloud - Database as a Service Quick StartOracleDatabaseCloudUI
- oracle ocp 19c考題8,科目082考試題-logical and physical database structuresOracleDatabaseStruct
- 【AUDIT]Oracle審計配置及常用sqlOracleSQL
- Oracle Database Scheduler整理OracleDatabase
- Oracle Physical Database LimitsOracleDatabaseMIT
- [20191129]oracle Audit檔案管理3.txtOracle
- [20191128]oracle Audit檔案管理2.txtOracle
- Oracle 12.2 使用Database Link優化Standby Database WorkloadOracleDatabase優化
- Oracle 19C EMOracle