oracleÊý¾ÝÉó¼Æ AUDIT

•ºÎΪÉó¼Æ
Êý¾Ý¿âÉó¼Æ£¬¾ÍÊǶÔÊý¾Ý¿âµÄ»î¶¯×ö¸ú×ټǼ£¬Ö÷Òª°üÀ¨Êý¾Ý¿âÁ¬½Ó£¬SQLÓï¾äÖ´ÐУ¬Êý¾Ý¿â¶ÔÏó·ÃÎÊÕâЩ·½ÃæµÄ¸ú×ټǼ¡£
•ÏÖʵ×÷ÓÃ
°²È«¿ØÖÆ¡¢¸ú×ÙÊý¾Ý±ä»¯¡¢³ÌÐòBUGµ÷ÊÔ¡¢×Ô¶¨ÒåµÄÊý¾Ý»ã×Ü·ÖÎö¡¢²Ù×÷ÈÕÖ¾
•´æ´¢·½Ê½
Ò»ÖÖÊÇ´æ´¢ÔÚ²Ù×÷ϵͳÎļþÖУ¬Ò»ÖÖÊÇ´æ´¢ÔÚsystem±í¿Õ¼äÖеÄSYS.AUD$±íÖÐ
•ÐÔÄÜÓ°Ïì
Éó¼Æ±ØÈ»ÐèÒªÕ¼ÓÃCPU£¬Òò´Ë£¬ÐèÒª×ÛºÏƽºâÉó¼ÆÐèÇóÓëÐÔÄÜÖ®¼äµÄƽºâÐÔÎÊÌ⣬ÒÔÈ·¶¨³ö×îºÃµÄÉóÐí²ßÂÔ¡£
•°üº¬ÐÅÏ¢
  ²Ù×÷ϵͳÓû§Ãû¡¢Êý¾Ý¿âÓû§Ãû¡¢Á¬½Ó»á»°±êʶ¡¢Öն˱êʶ¡¢±»·ÃÎʵÄschema¶ÔÏóÃû¡¢³¢ÊԵIJÙ×÷¡¢²Ù×÷ÍêÕû´úÂë¡¢ÈÕÆÚʱ¼ä´Á
•ÈýÖÖ¼¶±ðµÄÉó¼Æ£ºStatement(Óï¾ä)¡¢Privilege£¨È¨ÏÞ£©¡¢object£¨¶ÔÏ󣩡£
•Éó¼ÆµÄһЩÆäËûÑ¡Ïî
by access / by session£º
by access ÿһ¸ö±»Éó¼ÆµÄ²Ù×÷¶¼»áÉú³ÉÒ»Ìõaudit trail¡£
by session Ò»¸ö»á»°ÀïÃæͬÀàÐ͵IJÙ×÷Ö»»áÉú³ÉÒ»Ìõaudit trail£¬Ä¬ÈÏΪby session¡£
whenever [not] successful£º
whenever successful ²Ù×÷³É¹¦(dba_audit_trailÖÐreturncode×Ö¶ÎΪ0) ²ÅÉó¼Æ,
whenever not successful ·´Ö®¡£Ê¡ÂÔ¸Ã×Ó¾äµÄ»°£¬²»¹Ü²Ù×÷³É¹¦Óë·ñ¶¼»áÉó¼Æ¡£
•Ï¸Á£¶ÈµÄÉó¼Æ
–´ÓOracle9i¿ªÊ¼£¬Í¨¹ýÒýÈëϸÁ£¶ÈµÄ¶ÔÏóÉó¼Æ£¬»ò³ÆΪFGA£¬Éó¼Æ±äµÃ¸üΪ¹Øעij¸ö·½Ã棬²¢ÇÒ¸üΪ¾«È·¡£
–ʹÓñê×¼µÄÉó¼Æ£¬¿ÉÒÔÇáËÉ·¢ÏÖ·ÃÎÊÁËÄÄЩ¶ÔÏóÒÔ¼°ÓÉË­·ÃÎÊ£¬µ«ÎÞ·¨ÖªµÀ·ÃÎÊÁËÄÄЩÐлòÁС£
–ϸÁ£¶ÈµÄÉó¼Æ¿É½â¾öÕâ¸öÎÊÌ⣬Ëü²»½öΪÐèÒª·ÃÎʵÄÐÐÖ¸¶¨Î½´Ê(»òwhere×Ó¾ä)£¬»¹Ö¸¶¨Á˱íÖзÃÎʵÄÁС£
–ͨ¹ýÖ»ÔÚ·ÃÎÊijЩÐкÍÁÐʱÉó¼Æ¶Ô±íµÄ·ÃÎÊ£¬¿ÉÒÔ¼«´óµØ¼õÉÙÉó¼Æ±íÌõÄ¿µÄÊýÁ¿¡£
–ÒÔʹÓÃÊý¾Ý×ÖµäÊÓͼDBA_FGA_AUDIT_TRAIL·ÃÎÊϸÁ£¶ÈÉó¼ÆµÄÉó¼Æ¼Ç¼¡££¨Ä¬ÈÏÖ»ÓÐSYSÓÐȨ²é¿´£©
–³ÌÐò°üDBMS_FGA¾ßÓÐ4¸ö¹ý³Ì£¨ADD_POLICY¡¢DROP_POLICY¡¢DISABLE_POLICY¡¢ENABLE_POLICY£©
•×¢Òâ
–OracleÔÚ9i 10g Óа²È«Â©¶´£¬  Èç¹ûSYSÓû§µÇ¼ºó²Ù×÷£¬Éó¼Æ½«Ê§Ð§£¡£¨ BUGTRAQ  ID: 13510£©
–ËùÒÔ²âÊÔʱÇëÓÃÆäËûÓû§µÇ¼£¬ÈçSCOTT£»DBMS_FGAĬÈÏÖ»ÓÐÓû§ÓÐÖ´ÐÐȨ£¬½¨Á¢Éó¼Æ¹æÔòʱ»¹ÐèÓÃSYSµÇ¼¡£
•²Î¼û: http://blog.chinaunix.net/u2/66903/showart_2082884.html
 
cmd>sqlplus sys/sys as sysdba
SQL> show parameter audit_trail
NAME    &