数据库审计相关
<DIV>在数据库中记录审计信息</DIV><DIV>1.设置数据库审计参数(DB,EXTENDED)</DIV>
<DIV>该参数audit_trail是静态参数,在spfile设置后需要重启动实例才能生效</DIV>
<DIV>
<DIV id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css>
<LI><SPAN style="COLOR: #000000"><SPAN style="COLOR: #0000ff">alter</SPAN> system <SPAN style="COLOR: #0000ff">set</SPAN> audit_trail<SPAN style="COLOR: #0000cc">=</SPAN>DB,EXTENDED <SPAN style="COLOR: #0000ff">scope</SPAN><SPAN style="COLOR: #0000cc">=</SPAN>spfile<SPAN style="COLOR: #0000cc">;</SPAN></SPAN></LI></OL></DIV></DIV>
<P>2.正对表某个表(如在schema hxl下的表tb_hxl_id)的select做审计</P>
<DIV id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css>
<LI><SPAN style="COLOR: #000000"><SPAN style="COLOR: #0000ff">audit</SPAN> <SPAN style="COLOR: #0000ff">select</SPAN> <SPAN style="COLOR: #0000ff">on</SPAN> hxl<SPAN style="COLOR: #0000cc">.</SPAN>tb_hxl_id<SPAN style="COLOR: #0000cc">;</SPAN></SPAN></LI></OL></DIV>
<P>3.登陆schema hxl执行查询操作</P>
<DIV id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css>
<LI><SPAN style="COLOR: #000000"><SPAN style="COLOR: #0000ff">Select</SPAN> <SPAN style="COLOR: #0000cc">*</SPAN> <SPAN style="COLOR: #0000ff">From</SPAN> tb_hxl_id</SPAN></LI></OL></DIV>
<P>4.查询系统审计表SYS.AUD$可以查得到步骤3执行的查询操作</P>
<DIV style="WIDTH: 98%; HEIGHT: 209px" id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css><SPAN style="COLOR: #000000">SQL> Column userid format a10;<BR>SQL> Column obj$name format a10;<BR>SQL> Column ses$actions format a20;<BR>SQL> Select userid,obj$name,ses$actions<BR> 2 From SYS.AUD$ Where userid='HXL';</SPAN></OL>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css><SPAN style="COLOR: #000000">USERID OBJ$NAME SES$ACTIONS<BR>---------- ---------- --------------------<BR>HXL TB_HXL_ID ---------S------<SPAN style="COLOR: #ff9900">
<LI></SPAN><BR></LI>
<LI> </SPAN></LI></OL></DIV>
<P>在OS中记录审计信息</P>
<DIV>1.设置数据库审计参数(OS)</DIV>
<DIV id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css>
<LI><SPAN style="COLOR: #000000"><SPAN style="COLOR: #0000ff">ALTER</SPAN> SYSTEM <SPAN style="COLOR: #0000ff">SET</SPAN> AUDIT_TRAIL<SPAN style="COLOR: #0000cc">=</SPAN>OS <SPAN style="COLOR: #0000ff">SCOPE</SPAN><SPAN style="COLOR: #0000cc">=</SPAN>SPFILE<SPAN style="COLOR: #0000cc">;</SPAN></SPAN></LI></OL></DIV>
<P>2.正对表某个表(如在schema hxl下的表tb_hxl_id)的select做审计</P>
<DIV id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css>
<LI><SPAN style="COLOR: #000000"><SPAN style="COLOR: #0000ff">audit</SPAN> <SPAN style="COLOR: #0000ff">select</SPAN> <SPAN style="COLOR: #0000ff">on</SPAN> hxl<SPAN style="COLOR: #0000cc">.</SPAN>tb_hxl_id<SPAN style="COLOR: #0000cc">;</SPAN></SPAN></LI></OL></DIV>
<P>3.登陆schema hxl执行查询操作</P>
<DIV id=codeText class=codeText>
<OL style="PADDING-BOTTOM: 5px; MARGIN: 0px 1px 0px 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px; PADDING-TOP: 5px" class=dp-css>
<LI><SPAN style="COLOR: #000000"><SPAN style="COLOR: #0000ff">Select</SPAN> <SPAN style="COLOR: #0000cc">*</SPAN> <SPAN style="COLOR: #0000ff">From</SPAN> tb_hxl_id</SPAN></LI></OL></DIV>
<P>4.在audit_file_dest参数指定的目下下会生成审计记录,若在windows环境下, 在事件查看器中也会查看得到审计信息。</P>
<P>注:audit_trail参数还可以试xml和xml, extended,设置成xml后,在audit_file_dest目录下会生成xml文件格式的审计信息.</P>
页:
[1]