audit-优快云博客

本文介绍Oracle数据库中的审计功能，包括默认审计类别、数据库审计、基于值的审计策略等，并详细讲解了如何启用和禁用审计，以及如何获取审计信息。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

Auditing categories（审计分类）

audited by default

在默认情况下都需要审计：实例启动关闭，及管理员权限

database auditing

数据库审计监控并记录用户的数据库操作。

value-based or application auditing

          基于表内数值的审计职能通过存储过程，触发器完成。

Enabling and disabling database auditing（打开数据库审计）
         通过设置AUDIT_TRAIL=value，来打开或关系数据库审计
         Vaule的值：

- TRUE or DB：允许审计，记录所有审计到database audit trail（SYS.AUD$）
- OS:允许将审计写入Operation system trail
- FALSE or NONE:关闭审计

Auditing Option

statement auditing

AUDIT TABLE ;

privilege auditing

AUDIT create any trigger;

schema object auditing

AUDIT SELECT ON emi.orders;

Fine-grained auditing：

Fine-grained auditing: This provides the monitoring of data access based on content. A PL/SQL package DBMS_FGA administers value-based audit policies. Using DBMS_FGA, the DBA creates an audit policy on the target table. If any of the rows returned from a query block matches the audit condition, then an audit event entry, including username, SQL text, bind variable, policy name, session ID, timestamp, and other attributes, is inserted into the audit trail.

Disabling auditing

Use the NOAUDIT statement to stop auditing chosen by the AUDIT command.

Obtaining Auditing Information

Data Dictionary                    View Description
--------------------    ----------------------
ALL_DEF_AUDIT_OPTS            Default audit options
DBA_STMT_AUDIT_OPTS        Statement auditing options
DBA_PRIV_AUDIT_OPTS          Privilege auditing options
DBA_OBJ_AUDIT_OPTS           Schema object auditing options

DBA_AUDIT_TRAIL                 All audit trail entries
DBA_AUDIT_EXISTS               Records for AUDIT EXISTS/
                                           NOT EXISTS
DBA_AUDIT_OBJECT              Records concerning schema objects
DBA_AUDIT_SESSION            All connect and disconnect entries
DBA_AUDIT_STATEMENT       Statement auditing records

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/24419958/viewspace-673037/，如需转载，请注明出处，否则将追究法律责任。

转载于:http://blog.itpub.net/24419958/viewspace-673037/