_覓 | 覦覈襦 | 豕蠏手 | 殊螳 | 譯殊碁 |
FrontPage › 螳蠍磯
|
|
[edit]
1 螳 #一危覯伎り 譬 苦朱 蟯襴 譯手鍵 覈磯 . 企 一危覯伎 蟯襴 ろ 殊企 れ 覈磯 讌 Auditing企手 . 螳 譬襯 覓語リ, 蟠 螳, 螳豌 螳 企蟆 3螳讌襦 蟲覿. 企蟆 手係覃 襾殊 螳 ″ 伎伎狩讌 覈襯願給. 覿 螻り. 一危覯伎 ろ 覲螻 覈磯企 企螳 蠍磯 覿 蟆. る狩伎 蠏語 Audit Trail ロ蟆 . 譴蟆 螳 覦覯 螳 覈 襷 襦 螳襯 蟆. る ′ 豢螻, 螳 豢 一危襯 覲危誤伎 . 覓伎 螳 豢襷 り 蟆 讌. 覓朱 一危 螳 碁Μ蟇磯 螻 譟一襯 豬蟆 .
螳 燕/觜燕 . 覓伎 螳襯 る ろ るジ るる襦 蟆讌. 蠏碁 覓伎 螳 給. 蠏 覓伎 螳 る狩 語ろ伎れ startup/shutdown, 一危覯伎 蟯襴 蟠 螳讌 螳 . る狩伎 朱誤 殊 AUDIT_TRAIL 螳 覈朱 螳襯 燕 給.
AUDIT_TRAIL = DB | OS | NONE
3螳讌 螳 れ願螳 給. NONE 朱誤一 蠍磯蓋螳願規...DB 朱誤郁朱 れ覃 螳 豢一危 sys.AUD$ 一危 觀磯ゼ 牛 覲殊螳 給. OS 朱誤郁朱 れ覃 豢 殊 伎豌伎 ル. 企轟語 螳 燕/觜燕螳 螳ロ. 朱誤 殊 螳 燕朱 覈螳 襷. 語 覃 螳 企朱 詞伎. AUDIT NOAUDIT 覓語朱 燕/觜燕 給. 覓語レ る AUDIT SYSTEM 蟠 伎 蟲.
朱 螳襯 る 蟯襴襯 ろ襴渚誤襯 ろ伎 . 讀, 螳襯 企螻 觀磯ゼ 燕 蟆伎. 願 $ORACLE_HOME/rdbms/admin/cataudit.sql ろ覃 . 螳螳 豺 企螻 觀一 $ORACLE_HOME/rdbms/admin/catnoaud.sql ろ覃 .
螳襯 朱 蟆 覃 螳 覯襯 蟆一 螳襯 伎 蟆讌. 覓 襷 伎 螳 覲願 ルる 願碓 覿蠍 れ 讌蟆. 蠏碁 覯 蟆一 襷れ 譴 . 覯 SQL ろ 炎概覿 磯殊 語 一危覯伎れ 蠏殊 螳煙朱 蟲覿讌 螳螻 覯襯 譬 .
蠏碁 手係 螳 譬襯 3螳讌 蟆 螳螳 企慨蟆給.
[edit]
2 覓語 螳 #覓語リ SQL覓語 螳. 覈 覓語レ 螳螳 螳ロ讌襷 蟆 一危覯伎れ 企伎 一危覯伎れ ′ 螳 語. 覓語リ 覓碁 れ螻 螳給.
AUDIT statement_option
BY SESSION 旧朱 螳襯 語覲 螳企襦 DML 覓語レ ろ 蟆曙一襷 企麹螻, BY ACCESS 旧朱 螳襯 SQL覓語 伎 螳豌企襦 螳襯 蟆 . WHENEVER NOT SUCCESSFUL 覓語レ 炎概/ろ 磯殊 螳 覿襯 蟆一 給. 語 DBA_STMT_ADUIT_OPTS [edit]
3 蟠螳 #蟠 螳 る狩伎 覈 蟠 伎 螳襯 蟆 . 麹 襷 覿覿. 蟾 手係 螳 譴 覦覯 覯襯 豕 豢る 蟆. 覓碁 覓語リ 觜訣.
AUDIT system_privileges
system_privileges ALL PRIVILEGE襯 讌覃 覈 蟠 螳襯 れ. ろ 蟠 螳 語 DBA_PRIV_AUDIT_OPTS 觀磯 誤. [edit]
4 螳豌 螳 #覈 蠏碁襦 螳豌伎 螳. 讀, 螳豌 螳 DML 覓語リ骸 GRANT, REVOKE 螳. 磯殊 螳豌 螳 覈 襯 朱 蟆一. 覓碁 れ螻 螳給.
SQL> connect internal 郁屋給. SQL> shutdown 一危磯伎り 給. 一危磯伎り 襷危 伎給. ORACLE 語ろ伎り 譬襭給. SQL> !vi $ORACLE_HOME/dbs/initORCL.ora . . . . # estimates for computer memory availability. You should adjust values upward # for modern machines. # ############################################################################### AUDIT_TRAIL =DB <------------- 豢螳 貅譴... db_name = "ORCL" db_domain = yasicom instance_name = ORCL service_names = ORCL.yasicom . . . . SQL> startup ORACLE 語ろ伎り 給. Total System Global Area 87818400 bytes Fixed Size 73888 bytes Variable Size 70795264 bytes Database Buffers 16777216 bytes Redo Buffers 172032 bytes 一危磯伎り 襷危碁給. 一危磯伎り 企語給. SQL> @$ORACLE_HOME/rdbms/admin/cataudit.sql . . . . . . SQL> audit create table 2 by scott 3 by access 4 whenever successful; 螳 炎概. SQL> connect scott/tiger 郁屋給. SQL> drop table test; 企 給. SQL> create table test ( id number); 企 焔給. SQL> connect system/manager 郁屋給. SQL> connect system/manager 郁屋給. SQL> select username, timestamp, action_name 2 from dba_audit_trail; USERNAME TIMESTAM ACTION_NAME ------------------------------ -------- --------------------------- SCOTT 01/12/06 LOGOFF SCOTT 01/12/06 DROP TABLE SCOTT 01/12/06 CREATE TABLE SQL> select username, 2 to_char(timestamp, 'mm-dd-yy hh24:mi:ss') login_time, 3 to_char(logoff_time, 'mm-dd-yy hh24:mi:ss') logoff_time, 4 logoff_lread logical_reads, 5 logoff_pread physical_reads, 6 logoff_lread + logoff_pread total_reads 7 from sys.dba_audit_session; USERNAME LOGIN_TIME LOGOFF_TIME LOGICAL_READS PHYSICAL_READS TOTAL_READS ------------------------------ ----------------- ----------------- ------------- -------------- ----------- SCOTT 12-06-01 20:03:32 12-06-01 20:04:05 660 40 700 SQL> desc sys.aud$ 企 ? ----------------------------------------- -------- --------------------------- SESSIONID NOT NULL NUMBER ENTRYID NOT NULL NUMBER STATEMENT NOT NULL NUMBER TIMESTAMP# NOT NULL DATE USERID VARCHAR2(30) USERHOST VARCHAR2(128) TERMINAL VARCHAR2(255) ACTION# NOT NULL NUMBER RETURNCODE NOT NULL NUMBER OBJ$CREATOR VARCHAR2(30) OBJ$NAME VARCHAR2(128) AUTH$PRIVILEGES VARCHAR2(16) AUTH$GRANTEE VARCHAR2(30) NEW$OWNER VARCHAR2(30) NEW$NAME VARCHAR2(128) SES$ACTIONS VARCHAR2(19) SES$TID NUMBER LOGOFF$LREAD NUMBER LOGOFF$PREAD NUMBER LOGOFF$LWRITE NUMBER LOGOFF$DEAD NUMBER LOGOFF$TIME DATE COMMENT$TEXT VARCHAR2(4000) SPARE1 VARCHAR2(255) SPARE2 NUMBER OBJ$LABEL RAW(255) SES$LABEL RAW(255) PRIV$USED NUMBER SQL> noaudit create table 2 by scott 3 by access 4 whenever successful; by access * 3 る: ORA-01718: BY ACCESS | SESSION NOAUDIT 伎 讌 給 SQL> noaudit create table 2 by scott; 螳 伎 炎概. SQL> audit all privilege <---------------------覈 蟠 伎 螳襯 . 2 by access; 螳 炎概. SQL> connect scott/tiger 郁屋給. SQL> create user test_user 2 identified by test_user; identified by test_user * 2 る: ORA-01031: 蟠 覿豢覿 SQL> select username, timestamp, action_name 2 from dba_audit_trail; from dba_audit_trail * 2 る: ORA-00942: 企 觀郁 譟伎讌 給 SQL> connect system/manager 郁屋給. SQL> select username, timestamp, action_name 2 from dba_audit_trail; USERNAME TIMESTAM ACTION_NAME ------------------------------ -------- --------------------------- SCOTT 01/12/06 LOGOFF SCOTT 01/12/06 DROP TABLE SCOTT 01/12/06 CREATE TABLE SCOTT 01/12/06 LOGOFF SCOTT 01/12/06 EXECUTE PROCEDURE SCOTT 01/12/06 EXECUTE PROCEDURE SCOTT 01/12/06 CREATE USER SCOTT 01/12/06 SELECT SYSTEM 01/12/06 LOGON SYSTEM 01/12/06 EXECUTE PROCEDURE SYSTEM 01/12/06 EXECUTE PROCEDURE 11 螳 給. SQL> noaudit all privilege; 螳 伎 炎概. SQL> audit select, insert, update, delete 2 on scott.dept 3 by access 4 whenever successful; 螳 炎概. SQL> select * from scott.dept; DEPTNO DNAME LOC ---------- -------------- ------------- 10 ACCOUNTING NEW YORK 20 RESEARCH DALLAS 30 SALES CHICAGO 40 OPERATIONS BOSTON SQL> select username, timestamp, action_name 2 from dba_audit_trail; USERNAME TIMESTAM ACTION_NAME ------------------------------ -------- ---------------------- SCOTT 01/12/06 LOGOFF SCOTT 01/12/06 DROP TABLE SCOTT 01/12/06 CREATE TABLE SCOTT 01/12/06 LOGOFF SCOTT 01/12/06 EXECUTE PROCEDURE SCOTT 01/12/06 EXECUTE PROCEDURE SCOTT 01/12/06 CREATE USER SCOTT 01/12/06 SELECT SYSTEM 01/12/06 LOGON SYSTEM 01/12/06 EXECUTE PROCEDURE SYSTEM 01/12/06 EXECUTE PROCEDURE SYSTEM 01/12/06 SYSTEM NOAUDIT . . . . . . . . SYSTEM 01/12/06 SYSTEM NOAUDIT SYSTEM 01/12/06 SYSTEM NOAUDIT SYSTEM 01/12/06 SYSTEM NOAUDIT SYSTEM 01/12/06 AUDIT OBJECT SYSTEM 01/12/06 SELECT <-------------蠍磯.. 129 螳 給. SQL> noaudit select, insert, update, delete 2 on scott.dept; 螳 伎 炎概. 螳襯 豢 蠎 襷 螳襯 ろ 伎 . 400 128 貉伎り 朱Μ8 覯蟾蟲 る狩8i(8.1.7) 蟾 蠏碁一 覈磯朱 蠏 谿螳 蟷伎れ. ~ ろ語 蟆曙 蟲 伎 語 覈郁給. 螳 覯 譴願 伎 螳 ろ ろ 豌伎 焔レ 覩語 レ 豕 譴譯殊伎 . 蠏碁Μ螻 螳 豢 螻糾 豢覿 襷伎 . リ概螳 蟒谿蟆 覃 る狩伎 螳豢 一危襯 sys.AUD$ ロ伎 ロ讌 覈詩伎 襯 襴危蟆 . 譯殊蟲.
螳豢 蟯襴 譯手鍵朱 螳 豢 一危襯 蟇壱伎 覿ク 給. 覈螳讌 覦覯 給. 豌覯讌 覦覯 朱 覦覯, 覯讌碁 企豌企ゼ るジ 企襦 覲旧伎 蠍危 螳 豢 一危襯 覦覯, 碁讌碁 伎豌伎 朱 覲旧 覦覯. れ 蠏 .
SQL> create table backup_audit_trail -- 15殊 讌 螳豢 一危襯 覲旧. 2 as 3 select * from sys.AUD$ 4 where timestamp# < sysdate - 15; 企 焔給. yasicom% exp system/manager tables = sys.AUD$ file = /export/home/oracle/audit_trail_1.dmp -- 伎 . Export: Release 8.1.7.0.0 - Production on 覈 Dec 6 20:47:01 2001 (c) Copyright 2000 Oracle Corporation. All rights reserved. : Oracle8i Enterprise Edition Release 8.1.7.0.0 - Production With the Partitioning option JServer Release 8.1.7.0.0 - Production KO16KSC5601 覓語 れ螻 KO16KSC5601 NCHAR 覓語 れ ろ瑚 譬襭給 讌 企 ろ誤り via 蠏 蟆暑... SYS襦 覲蟆暑給 . . 企 AUD$(襯) ろ 譴 131 ろ碁 ろ瑚 蟆所 朱 譬襭給. yasicom% ls -l /export/home/oracle/audit_trail_1.dmp -rw-r--r-- 1 oracle dba 16384 12 6 20:47 /export/home/oracle/audit_trail_1.dmp yasicom% yasicom% sqlplus system/manager SQL*Plus: Release 8.1.7.0.0 - Production on 覈 Dec 6 20:48:25 2001 (c) Copyright 2000 Oracle Corporation. All rights reserved. Connected to: Oracle8i Enterprise Edition Release 8.1.7.0.0 - Production With the Partitioning option JServer Release 8.1.7.0.0 - Production SQL> truncate table sys.AUD$; 企 語給. SQL> select count(*) from sys.AUD$; COUNT(*) ---------- 0 れ 螳覲企ゼ 譟壱 一危 觀 .
* DBA_PRIV_AUDIT_OPTS
* DBA_STMT_AUDIT_OPTS * DBA_OBJ_AUDIT_OPTS * STMT_AUDIT_OPTION_MAP * AUDIT_ACTIONS * ALL_DEF_AUDIT_OPTS * USER_OBJ_AUDIT_OPTS * DBA_AUDIT_TRAIL * USER_AUDIT_TRAIL * DBA_AUDIT_SESSION * USER_AUDIT_SESSION * DBA_AUDIT_STATEMENT * USER_AUDIT_STATEMENT * DBA_AUDIT_OBJECT * USER_AUDIT_OBJECT * DBA_AUDIT_EXISTS
鏤
|
覓伎瑚襯 企り 襷 る 語 企襯 螳 螳 螳 . 覓伎 れ 襷 蟇一 讌 れ . (れ梗) |