每次sysdba或者sysoper权限登录都会写入一个audit trail文件或者在现有的trail文件后面添加登录信息,而这个并不受audit_trail参数限制,audit_trail是显示是否启用审计和审计内容存储的具体位置
有关audit_sys_operations参数:
AUDIT_SYS_OPERATIONS enables or disables the auditing of top-level operations, which are SQL statements directly issued by users when connecting with SYSDBA or SYSOPER privileges. (SQL statements run from within PL/SQL procedures or functions are not considered top-level.) The audit records are written to the operating system's audit trail. The audit records will be written in XML format if the AUDIT_TRAIL initialization parameter is set to xml or xml, extended.
On UNIX platforms, if the AUDIT_SYSLOG_LEVEL parameter has also been set, then it overrides the AUDIT_TRAIL parameter and SYS au
Oracle 11g 在audit_file_dest目录下产生大量的aud文件
Oracle 11g在audit_file_dest目录下频繁生成审计文件,每次sysdba或sysoper登录时,即使audit_sys_operations参数默认为false,仍会记录审计轨迹。当设置为true时,将记录更详细的sysdba/sysoper操作。AUDIT_SYSLOG_LEVEL参数在UNIX平台上会影响审计记录的位置。关闭审计不影响sysdba和sysoper的审计记录生成。
摘要由CSDN通过智能技术生成