建立審計表空間
tablespace created.
connect / as sysdba;
sql>alter table aud$ move tablespace audittbs;
table altered.
sql> alter table audit$ move tablespace audittbs;
table altered.
sql> alter index i_audit rebuild online tablespace audittbs;
index altered.
sql> alter table audit_actions move tablespace audittbs;
table altered.
sql> alter index i_audit_actions rebuild online tablespace audittbs;
index altered.
sql> show parameter audit;
name type value
audit_sys_operations:
預設為false,當設定為true時,所有sys使用者(包括以sysdba, sysoper身份登入的使用者)的操作都會被記錄
audit_trail:
none:是預設值,不做審計;
db:將audit trail 記錄在資料庫的審計相關表中,如aud$,審計的結果只有連線資訊;
db,extended:這樣審計結果裡面除了連線資訊還包含了當時執行的具體語句;
os:將audit trail 記錄在作業系統檔案中,檔名由audit_file_dest引數指定;
sql> alter system set audit_trail=db,extended scope=spfile;
system altered.
sql> alter system set audit_sys_operations=true scope=spfile;
system altered.
測試細粒度審計
對錶的增,刪,改進行審計
create table audit_test
(invoice_id number,
invoice_num varchar (50),
invoice_desc varchar (200)
) ;加入細粒度審計策略
insert 審計策略
begin
dbms_fga.add_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_insert』,
audit_column => 『invoice_id, invoice_num,invoice_desc』,
enable => false,
statement_types => 『insert』);
end;
update審計策略
begin
dbms_fga.add_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_update』,
audit_column => 『invoice_id, invoice_num,invoice_desc』,
enable => false,
statement_types => 『update』);
end;
delete審計策略
begin
dbms_fga.add_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_delete』,
audit_column => 『invoice_id, invoice_num,invoice_desc』,
enable => false,
statement_types => 『delete』);
end;
啟動細粒度審計
begin
dbms_fga.enable_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_insert』);
end;
begin
dbms_fga.enable_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_update』);
end;
begin
dbms_fga.enable_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_delete』);
end;
進行增,刪,改操作
sql> insert into audit_test values (2,『2014-08-22 001』, 『pay the taxi for 2014-0822』);
1 row created.
sql> commit;
commit complete.
sql> update audit_test set invoice_id = 1 where invoice_id = 2;
1 row updated.
sql> commit;
commit complete.
sql> delete from audit_test where invoice_id = 1;
1 row deleted.
sql> commit;
commit complete.
查詢審計資訊
select a.session_id,a.timestamp,a.db_user,a.dbid,a.userhost,a.object_schema,a.object_name,a.policy_name,a.sql_text from dba_fga_audit_trail a;
session_id timestamp db_user dbid userhost object_schema object_name policy_name sql_text
2760086 2019/5/1 17 test 1113199678 rhel6 test audit_test test_aud_update update audit_test set invoice_id = 1 where invoice_id = 2
2760086 2019/5/1 17 test 1113199678 rhel6 test audit_test test_aud_delete delete from audit_test where invoice_id = 1
關閉細粒度審計
begin
dbms_fga.disable_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_insert』);
end;
begin
dbms_fga.disable_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_update』);
end;
begin
dbms_fga.disable_policy (object_schema => 『test』,
object_name => 『audit_test』,
policy_name => 『test_aud_delete』);
end;
細粒度審計
細粒度審計 fga 通過 oracle9i 引入 可以理解為 基於策略的審計 與標準的審計功能相反,fga 可用於指定生成審計記錄必需的條件 fga 策略通過使用 dbms fga 程式包以程式設計方式繫結到物件 表 檢視 類似於用於通過 vpd dbms rls 進行訪問控制的程式包,它允許您建立...
Oracle細粒度審計(FGA)初步
oracle細粒度審計 fga 初步 細粒度審計 fga 是在oracle 9i中引入的,能夠記錄scn號和行級的更改以重建舊的資料,但是它們只能用於select語句,而不能用於dml,如update insert和delete語句.因此,對於oracle資料庫10g之前的版本,使用觸發器雖然對於以...
redis 細粒度鎖
上一節我描述了粗粒度鎖,並且描述了它的缺點。這一節我將使用細粒度鎖來處理上一節中粗粒度鎖所帶來的問題。我們可以為集合中的每個資源提供乙個鎖,這樣可以避免每次的操作都會鎖住所有的資源,其次我們為每乙個鎖設定乙個超時時間,避免死鎖情況的出現。下面看一下 鎖定資料 param key param fiel...