摘要: 1、审计初始化参数:在init文件中添加 AUDIT_TRAIL = DB 2、设置审计 对象审计:AUDIT DELETE,INSERT,UPDATE ON TABLE (BY USER); SESSION审计: AUDIT SESSION; —...
1、审计初始化参数:在init文件中添加 AUDIT_TRAIL = DB
2、设置审计
对象审计:AUDIT DELETE,INSERT,UPDATE ON TABLE (BY USER);
SESSION审计:
AUDIT SESSION;
— 指定用户
AUDIT SESSION BY (USER1,USER2)
权限审计:
AUDIT DELETE ANY TABLE BY ACCESS WHENEVER NOTSUCCESSFUL;
AUDIT DELETE ANY TABLE;
AUDIT SELECT TABLE, INSERT TABLE, DELETE TABLE, EXECUTE PROCEDURE
BY ACCESS WHENEVER NOT SUCCESSFUL;
3、关闭审计NOAUDIT
4、清除审计
DELETE FROM SYS.AUD$;
DELETE FROM SYS.AUD$ WHERE obj$name = 。。。
5、相关视图查询:
STMT_AUDIT_OPTION_MAP-审计选项类型代码
AUDIT_ACTIONS-action代码
ALL_DEF_AUDIT_OPTS-对象创建时默认的对象审计选项
DBA_STMT_AUDIT_OPTS-当前数据库系统审计选项
DBA_PRIV_AUDIT_OPTS-权限审计选项
DBA_OBJ_AUDIT_OPTS
USER_OBJ_AUDIT_OPTS-对象审计选项
DBA_AUDIT_TRAIL
USER_AUDIT_TRAIL-审计记录
DBA_AUDIT_OBJECT
USER_AUDIT_OBJECT-审计对象列表
DBA_AUDIT_SESSION
USER_AUDIT_SESSION-session审计
DBA_AUDIT_STATEMENT
USER_AUDIT_STATEMENT-语句审计
DBA_AUDIT_EXISTS-使用BY AUDIT NOT EXISTS选项的审计
DBA_AUDIT_POLICIES-审计POLICIES
DBA_COMMON_AUDIT_TRAIL-标准审计+精细审计