Property | Description |
Parameter type | Boolean |
Default value | false |
Modifiable | No |
Range of values | true | false |
Basic | No |
AUDIT_SYS_OPERATIONS enables or disables the auditing of operations issued by user SYS, and users connecting with SYSDBA or SYSOPER privileges. The audit records are written to the operating system's audit trail. The audit records will be written in XML format if the AUDIT_TRAIL initialization parameter is set to XML.
此参数为静态参数,修改后要重启数据库实例
Property | Description |
Parameter type | String |
Syntax | AUDIT_TRAIL = { none | os | db | db,extended | xml | xml,extended } |
Default value | none |
Modifiable | No |
Basic | No |
AUDIT_TRAIL enables or disables database auditing.
Values:
- none
Disables database auditing.
- os
Enables database auditing and directs all audit records to the operating system's audit trail.
- db
Enables database auditing and directs all audit records to the database audit trail (the SYS.AUD$ table).
- db,extended
Enables database auditing and directs all audit records to the database audit trail (the SYS.AUD$ table). In addition, populates the SQLBIND and SQLTEXT CLOB columns of the SYS.AUD$ table.
- xml
Enables database auditing and writes all audit records to XML format OS files.
- xml,extended
Enables database auditing and prints all columns of the audit trail, including SqlText and SqlBind values.
2,配置操作步骤
SQL> alter system set audit_sys_operations=true scope=spfile;
System altered.
SQL>shutdown immediate
SQL>startup
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest string /oracle/admin/ora10g/adump --注:所有申计记录文件存储在这个目录下
audit_sys_operations boolean TRUE
audit_syslog_level string
audit_trail string DB_EXTENDED ---这个参数就是控制是否生成申计文件,且以何种格式生成申计文件,
SQL>
3,测试特权用户的操作
SQL> show user
USER is "SYS"
SQL> create table lv(a int);
Table created.
SQL>
bash-3.00$ ls -lrt|tail -3f
-rw-r----- 1 ora10g oinstall 1157 9月 8 06:14 ora_21747.aud
-rw-r----- 1 ora10g oinstall 737 9月 8 06:15 ora_21748.aud
-rw-r----- 1 ora10g oinstall 1505 9月 8 06:25 ora_21767.aud
bash-3.00$ tail -f ora_21767.aud
STATUS: 0
Tue Sep 8 06:25:19 2009
ACTION : 'create table lv(a int)'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
SQL> show user
USER is "SYS"
SQL> insert table lv values(1);
1 row created.
SQL>
Tue Sep 8 06:27:43 2009
ACTION : 'insert into lv values(1)'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
Tue Sep 8 06:27:45 2009
ACTION : 'commit'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL>
bash-3.00$ tail -f ora_21767.aud
STATUS: 0
Tue Sep 8 06:27:45 2009
ACTION : 'commit'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
Tue Sep 8 06:30:26 2009
ACTION : 'ALTER DATABASE CLOSE NORMAL'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
Tue Sep 8 06:30:26 2009
ACTION : 'ALTER DATABASE DISMOUNT'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
Tue Sep 8 06:30:26 2009
ACTION : 'SHUTDOWN'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
SQL> startup nomount
ORACLE instance started.
Total System Global Area 314572800 bytes
Fixed Size 1279964 bytes
Variable Size 79693860 bytes
Database Buffers 230686720 bytes
Redo Buffers 2912256 bytes
SQL> alter database mount;
Database altered.
SQL> alter database open;
Database altered.
SQL>
bash-3.00$ ls -lrt|tail -3f
-rw-r----- 1 ora10g oinstall 2243 9月 8 06:30 ora_21767.aud
-rw-r----- 1 ora10g oinstall 1175 9月 8 06:32 ora_22161.aud
-rw-r----- 1 ora10g oinstall 1008 9月 8 06:32 ora_22188.aud
bash-3.00$ tail -f ora_22188.aud
STATUS: 0
Tue Sep 8 06:32:05 2009
ACTION : 'SELECT DECODE(null,'','Total System Global Area','') NAME_COL_PLUS_SHOW_SGA, SUM(VALUE), DECODE (null,'', 'bytes','') units_col_plus_show_sga FROM V$SGA UNION ALL SELECT NAME NAME_COL_PLUS_SHOW_SGA , VALUE, DECODE (null,'', 'bytes','') units_col_plus_show_sga FROM V$SGA'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
Tue Sep 8 06:32:52 2009
ACTION : 'alter database mount'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
STATUS: 0
Tue Sep 8 06:33:23 2009
ACTION : 'alter database open'
DATABASE USER: '/'
PRIVILEGE : SYSDBA
CLIENT USER: ora10g
CLIENT TERMINAL: syscon
4,适用范围
适用于控制sysdba角色及sysoper角色及dba色色的用户所作的各种操作
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/9240380/viewspace-614133/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/9240380/viewspace-614133/