zoukankan      html  css  js  c++  java
  • 审计

     

    1 细粒度审计

    默认对sys不审计,审计即开即关

    SYS@ora11g>show parameter audit

    NAME TYPE        VALUE

    ------------------------------------ ----------- ------------------------------

    audit_file_dest              string      /u02/app/admin/ora11g/adump

    audit_sys_operations              boolean     FALSE

    audit_syslog_level                 string

    audit_trail                         string      DB

    alter system set audit_sys_operations=true scope=spfile;

    shutdown immediate

    startup

    SYS@ora11g>

    begin

    DBMS_FGA.ADD_POLICY (

       object_schema      =>  'scott',

       object_name        =>  'au',

       policy_name        =>  'mypolicy',

       audit_condition    =>  'sal>2500',

       audit_column       =>  'sal',

       handler_schema    =>   NULL,

       handler_module    =>   NULL,

       enable             =>   TRUE,

       statement_types    =>  'UPDATE',

       audit_trail        =>   DBMS_FGA.DB_EXTENDED,

       audit_column_opts  =>   DBMS_FGA.ALL_COLUMNS);

    end;

    /

    SCOTT@ora11g>update au set sal=80000;

    SYS@ora11g>select sql_text from dba_common_audit_trail where sql_text is not null;

    SQL_TEXT

    --------------------------------------------------------------------------------

    update au set sal=80000

    desc aud$

    select OBJ$NAME,SES$ACTIONS from aud$;

    desc dba_common_audit_trail

    desc dba_FGA_audit_trail

    desc dba_audit_trail

    DBMS_FGA.DISABLE_POLICY (

    object_schema   =>  'scott',

    object_name     =>  'emp',

    policy_name     =>  'mypolicy1');

    DBMS_FGA.ENABLE_POLICY (

    object_schema    =>  'scott',

    object_name      =>  'emp',

    policy_name      =>  'mypolicy1',

    enable           =>   TRUE);

    DBMS_FGA.DROP_POLICY (

    object_schema   =>  'scott',

    object_name     =>  'emp',

    policy_name     =>  'mypolicy1');

    2 粗粒度审计

    AUDIT ROLE;

    AUDIT ROLEWHENEVER SUCCESSFUL;

    AUDIT ROLEWHENEVER NOT SUCCESSFUL;

    AUDIT SELECT TABLE, UPDATE TABLE;

    AUDIT SELECT TABLE, UPDATE TABLE BY hr, oe;

    AUDIT DELETE ANY TABLE;

    AUDIT CREATE ANY DIRECTORY;

    AUDIT DIRECTORY;

    AUDIT READ ON DIRECTORY bfile_dir;

    AUDIT SELECTON hr.employees;

    AUDIT SELECT ON hr.employeesWHENEVER SUCCESSFUL;

    AUDIT ALLON hr.employees_seq;

    noAUDIT create any table;

    desc aud$

    select OBJ$NAME,SES$ACTIONS from aud$;

  • 相关阅读:
    linux下"="号与"=="号
    设单链表中存放n个字符,试设计一个算法,使用栈推断该字符串是否中心对称
    Android系统开发(2)——GDB调试工具
    JavaScript、jQuery、HTML5、Node.js实例大全-读书笔记4
    我的编程之路(十八) 团队开发
    C语言中的函数指针
    BeagleBone Black 板第三课:Debian7.5系统安装和远程控制BBB板
    爱尔威火星车 AirWheel 电动独轮车
    祖国版SoloWheel:Airwheel爱尔威火星车 拆箱&上手经验_运动户外_晒物广场_什么值得买
    打工女孩 (豆瓣)
  • 原文地址:https://www.cnblogs.com/wwxbi/p/4216824.html
Copyright © 2011-2022 走看看