1.建立測試表(使用者EDMS下)
Create Table T_AUDIT_DEMO
(
CID INT NOT NULL, CNAME VARCHAR2(20) NULL, ENAME VARCHAR2(20) NULL,
CONSTRAINT PK_T_AUDIT_DEMO PRIMARY KEY (CID)
);
2.建立審計策略(使用者SYS下)
begin
dbms_fga.add_policy
(
object_schema=>'EDMS', object_name=>'T_AUDIT_DEMO',
policy_name=>'T_AUDIT_DEMO_AUDIT'
);
end;
3.測試審計效果(使用者EDMS下)
INSERT INTO T_AUDIT_DEMO VALUES(1,'曾勳','ZENG XUN');
INSERT INTO T_AUDIT_DEMO VALUES(2,'翁黎明','WENG LI MING');
INSERT INTO T_AUDIT_DEMO VALUES(3,'劉帝勇','LIU DI YONG');
4.使用Select查詢測試表(使用者EDMS下)
SQL> SELECT * FROM T_AUDIT_DEMO;
CID CNAME ENAME
----- -------------------- -------
1曾勳ZENG XUN
2翁黎明WENG LI MING
3劉帝勇LIU DI YONG
5.再次檢視審計效果(使用者SYS下)
SQL> select statement_type,SQL_TEXT from dba_fga_audit_trail;
STATEMENT_TYPE SQL_TEXT
-------------- -----------
SELECT SELECT * FROM T_AUDIT_DEMO
注意:之前的Insert語句並不在審計中。預設的只對Select進行審計。在Oracle 9i中它只捕獲 SELECT 語句。而在Oracle 10i中進行了擴充套件,支援對所有型別的DML進行審計。
6.修改審計粒度(使用者SYS下)
begin
dbms_fga.add_policy
(
object_schema=>'EDMS', object_name=>'T_AUDIT_DEMO', policy_name=>'T_AUDIT_DEMO_AUDIT', statement_types=>'INSERT, UPDATE, DELETE, SELECT'
);
end;
注意:不能實現對Truncat Table的審計。
7.測試審計(使用者EDMS、SYS下)
INSERT INTO T_AUDIT_DEMO VALUES(4,'黃智洪','HUANG ZHI HONG');
DELETE FROM T_AUDIT_DEMO WHERE CID < 4;
SQL> select statement_type,SQL_TEXT from dba_fga_audit_trail;
STATEMENT_TYPE SQL_TEXT
-------------- --------------------
SELECT SELECT * FROM T_AUDIT_DEMO
INSERT INSERT INTO T_AUDIT_DEMO VALUES(4,'黃智洪','HUANG ZHI HONG')
DELETE DELETE FROM T_AUDIT_DEMO WHERE CID < 4
SELECT SELECT * FROM T_AUDIT_DEMO
至此,我們已經實現了對錶T_AUDIT_DEMO的審計。與FGA相關的表或者檢視:
select * from fga$
select * from fga_log$
select * from fgacol$
select * from dba_fga_audit_trail
select * from dba_common_audit_trail
select * from dba_audit_policies
select * from dba_fga_audit_trail
與FGA相關的包或者過程:
dbms_fga.add_policy dbms_fga.drop_policy
至於這些表、檢視、包的列或者引數的使用方法,可以Describe或者檢視相關文件