对DB2审计功能的做了一些测试
1.语法
|>- db2audit --- configure --- reset ------------------------------> | |-( Audit Configuration -| |
|- describe ---------------------------------------|
|- extract -( Audit Extraction -------------------|
|- flush ------------------------------------------|
|- prune --- all ----------------------------------|
| |- date YYYYMMDDHH -| |- pathname PATH -|
|- start ------------------------------------------|
|- stop -------------------------------------------|
Audit Configuration:
|------------------------------------------------------->
|- scope --- all ---------| |- status --- both ----|
| V- , ----| | |- success -|
|--- audit -----| |- failure -|
|--- checking --|
|--- objmaint --|
|--- secmaint --|
|--- sysadmin --|
|--- validate --|
|--- context -|
>----------------------------|
|- errortype --- audit --|
|- normal -|
Audit Extraction:
|----------------------------------------------------------------------->
|- file FILE NAME --------------------| | V- , ------| |
|- delasc ----------------------------| |- category --- audit -----|
|- delimiter LOAD DELIMITER-| |- checking --|
|- objmaint --|
|- secmaint --|
|- sysadmin --|
|- validate --|
|- context -|
>--------------------------------------------------------|
|- database DATABASE NAME -| |- status --- success -|
|- failure -|
2.COMMAND
db2audit configure scope objmaint status both errortype audit
db2audit start
3.CREATE TABLE AND DROP TABLE AND INSERT DATA
db2 "create table t1(c1 bigint, c2 char(20))"
db2 +c "insert into t1 with cte(a1) as (values(1) union all select a1+1 from cte where a1<10000) select a1,'abcde' from cte"
4.CHECK DB2 AUDIT LOG
db2audit extract file audit.log category objmaint database brio
5.LOG FILE OUTPUT
timestamp=2004-07-19-09.50.59.311619;category=OBJMAINT;audit event=CREATE_OBJECT;
event correlator=3;event status=0;
database=BRIO;userid=db2v8i1;authid=DB2V8I1;
origin node=0;coordinator node=0;
application id=*N0.db2v8i1.030599142803;application name=db2bp;
package schema=NULLID;package name=SQLC2E03;
package section=0;object schema=DB2V8I1;object name=T1;object type=TABLE;
timestamp=2004-07-19-11.05.02.435321;category=OBJMAINT;audit event=DROP_OBJECT;
event correlator=6;event status=0;
database=BRIO;userid=db2v8i1;authid=DB2V8I1;
origin node=0;coordinator node=0;
application id=*N0.db2v8i1.030599142803;application name=db2bp;
package schema=NULLID;package name=SQLC2E03;
package section=0;object schema=DB2V8I1;object name=T1;object type=TABLE;
|>- db2audit --- configure --- reset ------------------------------> | |-( Audit Configuration -| |
|- describe ---------------------------------------|
|- extract -( Audit Extraction -------------------|
|- flush ------------------------------------------|
|- prune --- all ----------------------------------|
| |- date YYYYMMDDHH -| |- pathname PATH -|
|- start ------------------------------------------|
|- stop -------------------------------------------|
Audit Configuration:
|------------------------------------------------------->
|- scope --- all ---------| |- status --- both ----|
| V- , ----| | |- success -|
|--- audit -----| |- failure -|
|--- checking --|
|--- objmaint --|
|--- secmaint --|
|--- sysadmin --|
|--- validate --|
|--- context -|
>----------------------------|
|- errortype --- audit --|
|- normal -|
Audit Extraction:
|----------------------------------------------------------------------->
|- file FILE NAME --------------------| | V- , ------| |
|- delasc ----------------------------| |- category --- audit -----|
|- delimiter LOAD DELIMITER-| |- checking --|
|- objmaint --|
|- secmaint --|
|- sysadmin --|
|- validate --|
|- context -|
>--------------------------------------------------------|
|- database DATABASE NAME -| |- status --- success -|
|- failure -|
2.COMMAND
db2audit configure scope objmaint status both errortype audit
db2audit start
3.CREATE TABLE AND DROP TABLE AND INSERT DATA
db2 "create table t1(c1 bigint, c2 char(20))"
db2 +c "insert into t1 with cte(a1) as (values(1) union all select a1+1 from cte where a1<10000) select a1,'abcde' from cte"
4.CHECK DB2 AUDIT LOG
db2audit extract file audit.log category objmaint database brio
5.LOG FILE OUTPUT
timestamp=2004-07-19-09.50.59.311619;category=OBJMAINT;audit event=CREATE_OBJECT;
event correlator=3;event status=0;
database=BRIO;userid=db2v8i1;authid=DB2V8I1;
origin node=0;coordinator node=0;
application id=*N0.db2v8i1.030599142803;application name=db2bp;
package schema=NULLID;package name=SQLC2E03;
package section=0;object schema=DB2V8I1;object name=T1;object type=TABLE;
timestamp=2004-07-19-11.05.02.435321;category=OBJMAINT;audit event=DROP_OBJECT;
event correlator=6;event status=0;
database=BRIO;userid=db2v8i1;authid=DB2V8I1;
origin node=0;coordinator node=0;
application id=*N0.db2v8i1.030599142803;application name=db2bp;
package schema=NULLID;package name=SQLC2E03;
package section=0;object schema=DB2V8I1;object name=T1;object type=TABLE;
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/4096/viewspace-52401/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/4096/viewspace-52401/
2974
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
