当前位置:首页 -> 基础 -> 数据库编程

oracle数据库审计(六)

2014-11-24 12:51:07 · 作者: · 浏览: 1
标签: oracle 数据库 审计
RIBUTE VIEW
ALL_REPAUDIT_ATTRIBUTE VIEW
USER_REPAUDIT_ATTRIBUTE VIEW
REPCAT$_AUDIT_COLUMN TABLE
DBA_REPAUDIT_COLUMN VIEW
ALL_REPAUDIT_COLUMN VIEW
USER_REPAUDIT_COLUMN VIEW
KU$_AUDIT_VIEW VIEW
KU$_10_1_AUDIT_VIEW VIEW
KU$_AUDIT_OBJ_BASE_VIEW VIEW
KU$_AUDIT_OBJ_VIEW VIEW

OBJECT_NAME OBJECT_TYPE
-------------------------------------------------- -------------------
KU$_AUDIT_DEFAULT_VIEW VIEW
KU$_PROC_AUDIT_VIEW VIEW
KU$_PROCOBJ_AUDIT_VIEW VIEW
KU$_PROCDEPOBJ_AUDIT_VIEW VIEW
MGMT_BCN_TXN_AUDIT TABLE
MGMT_AUDIT_MASTER TABLE
MGMT_AUDIT_DESTINATION TABLE
MGMT_AUDIT_LOGS TABLE
MGMT_AUDIT_CUSTOM_ATTRIBS TABLE
MGMT$ESA_AUDIT_SYSTEM_REPORT VIEW
MGMT$AUDIT_LOG VIEW

OBJECT_NAME OBJECT_TYPE
-------------------------------------------------- -------------------
WWV_FLOW_BUILDER_AUDIT_TRAIL TABLE
APEX_DEVELOPER_AUDIT_LOG VIEW

57 rows selected.

SQL>
audit sql_statement_clause [by user_name]|[by [session][access]] [whenever [not] successful]
审计用户操作by user_name
审计用户sql:by access 对每条语句进行审计重复的sql也审计
审计用户sql:by session 只对该session sql进行审计,去除重复sql
审计用户登录成功或是失败 whenever successful whenever not successful
查看dba_stmt_audit_opts了解哪些用户进行了语句审计。
权限审计:
audit privilege_name [by user_name]|[by [session][access]] [whenever [not] successful]
查看dba_priv_audit_opts了解哪些用户有哪些权限审计进行记录
对象审计
audit schema_object_clause on schema by [access][session] [whenerver [not] successful]
查看dba_obj_audit_opts了解哪些用户进行了对象审计。
eg:
SQL>
SQL> audit select,insert on scott.emp by session;

Audit succeeded.

SQL> truncate table aud$;

Table truncated.

SQL> select * from dba_obj_audit_opts;

OWNER OBJECT_NAME OBJECT_TYPE ALT AUD COM DEL GRA IND INS LOC REN SEL UPD REF EXE CRE REA WRI FBK
------------------------------ -------------------------------------------------- ----------------------- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---
SCOTT EMP TABLE -/- -/- -/- -/- -/- -/- S/S -/- -/- S/S -/- -/- -/- -/- -/- -/- -/-

SQL>
SQL>
SQL>
SQL> noaudit select,insert on scott.emp;

Noaudit succeeded.

SQL> select * from dba_obj_audit_opts;

no rows selected

SQL>
取消审计使用noaudit
eg:
noaudit select table,insert table,delete table,update table by scott;
noaudit all privilege by scott;
在9i开始引入fga审计,使其审计更加精细可以对列行进行审计。其原理通过dbms_fga包进行实现,且记录在fga_log$中。
http://docs.oracle.com/cd/E11882_01/appdev.112/e40758/d_fga.htm#i1001938

SQL> desc dbms_fga
PROCEDURE ADD_POLICY
Argument Name Type In/Out Default
------------------------------ ----------------------- ------ --------
OBJECT_SCHEMA VARCHAR2 IN DEFAULT
OBJECT_NAME VARCHAR2 IN
POLICY_NAME VARCHAR2 IN
AUDIT_CONDITION VARCHAR2 IN DEFAULT
AUDIT_COLUMN VARCHAR2 IN DEFAULT
HANDLER_SCHEMA VARCHAR2 IN DEFAULT
HANDLER_MODULE VARCHAR2 IN DEFAULT
ENABLE BOOLEAN IN DEFAULT
STATEMENT_TYPES VARCHAR2 IN DEFAULT
AUDIT_TRAIL BINARY_INTEGER IN DEFAULT
AUDIT_COLUMN_OPTS BINARY_INTEGER IN DEFAULT
POLICY_OWNER VARCHAR2 IN DEFAULT
PROCEDURE DISABLE_POLICY
Argument Name Type In/Out Default
------------------------------ ----------------------- ------ --------
OBJECT_SCHEMA VARCHAR2 IN DEFAULT
OBJECT_NAME VARCHAR2 IN
POLICY_NAME VARCHAR2 IN
PROCEDURE DROP_POLICY
Argument Name Type In/Out Default
------------------------------ ----------------------- ------ --------
OBJECT_SCHEMA VARCHAR2 IN DEFAULT
OBJECT_NAME VARCHAR2 IN
POLICY_NAME VARCHAR2 IN
PROCEDURE ENABLE_POLICY
Argument Name Type In/O