《oracle审计功能.doc》由会员分享,可在线阅读,更多相关《oracle审计功能.doc(5页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、【精品文档】如有侵权,请联系网站删除,仅供学习与交流oracle审计功能.精品文档.ORACLE 审计功能测试功能介绍使用10g的审计功能,可以指定审计某一用户的操作,对某对象的指定操作审计等操作测试步骤1)审计的细节设定参数audit_trail配置选项 none | os | db | db,extended | xml | xml,extendednone不打开审计db_extended打开并记录sql_text和sql_bandxml记录到xml文件xml记录到xml并记录sql_text 和sql_band打开审计并记录sqltextsysORCL alter system set
2、audit_trail=db_extended scope=spfile;重启数据库sysORCL shutdown immediate;sysORCL(128.192.128.1) startupORACLE instance started.Total System Global Area 1895825408 bytesFixed Size 2046296 bytesVariable Size 1157629608 bytesDatabase Buffers 721420288 bytesRedo Buffers 14729216 bytes设置对用户的审计sysORCLaudit al
3、l by zbtest by access;ZBTEST用户操作测试sysORCL conn zbtest/zbtestConnected.sysORCL) insert into zbtestt1 values(1);1 row created.ORCL create table zbtestt2(c1 number);Table created.sysORCL(128.192.128.1) delete from zbtestt2;0 rows deleted.查看是否成功抓取SQLselect username,sql_text from dba_audit_trail;USERNAME
4、 SQL_TEXTZBTEST insert into zbtestt1 values(1)ZBTEST create table zbtestt2(c1 number)ZBTEST delete from zbtestt2取消对用户的统计noaudit all by zbtest其他功能分析也可以用dbms_fga.add_policy进行更加灵活的审计ORCL conn / as sysdbaConnected.exec dbms_fga.add_policy(object_schema=ZBTEST, object_name= zbtestt1, policy_name= check_t
5、_audit,statement_types = INSERT, UPDATE, DELETE, SELECT);PL/SQL procedure successfully completed.解释:Object_schema:用户名Object_name:对象名Policy_name:策略名Statemenet_types:对哪种操作进行审计2)对t_audit表增删改查操作一番ORCL conn zbtest/zbtestConnected.secora10g select * from zbtestt1;X-2345676 rows selected.ORCL delete from z
6、btestt1 where x=5;1 row deleted.ORCL update t_ zbtestt1 set x=8 where x=7;1 row updated.ORCL insert into t_ zbtestt1 values (1);1 row created.ORCL commit;Commit complete.4)详细查看一下对应的SQL操作,FGA还是很强悍的ORCL col DB_USER for a10ORCL col SQL_TEXT for a50ORCL select db_user,sql_text from dba_fga_audit_trail;D
7、B_USER SQL_TEXT- -SEC select * from zbtestt1SEC delete from zbtestt1 where x=5SEC update zbtestt1 set x=8 where x=7SEC insert into zbtestt1 values (1)针对上面添加的审计策略进行调整:disable_policy、enable_policy和drop_policy的方法使策略失效的方法:ORCL exec dbms_fga.disable_policy(object_schema=ZBTEST, object_name= zbtestt1, policy_name= check_t_audit);使策略生效的方法:ORCL exec dbms_fga.enable_policy(object_schema=ZBTEST, object_name= zbtestt1, policy_name= check_t_audit);彻底删除策略的方法:ORCL exec dbms_fga.drop_policy(object_schema=ZBTEST, object_name= zbtestt1, policy_name= check_t_audit);PL/SQL procedure successfully completed.