1.create table and insert data
SQL> create table TEST
2 (
3 X NUMBER,
4 Y NUMBER
5 )
6 /
Table created
SQL> insert into test values(1,1);
1 row inserted
SQL> commit;
Commit complete
2.Creating an FGA Policy(disabled)
SQL> exec DBMS_FGA.ADD_POLICY(object_schema=>'LPPMTEST' ,object_name=>'TEST' ,policy_name=>'TEST_AUD' ,audit_column=>'X, Y' ,enable=>FALSE ,statement_types=>'UPDATE');
PL/SQL procedure successfully completed
3.Enabling an FGA Policy
SQL> exec DBMS_FGA.ENABLE_POLICY(object_schema=>'LPPMTEST' ,object_name=>'TEST' ,policy_name=>'TEST_AUD');
PL/SQL procedure successfully completed
4.execute update
SQL> update test set x=2,y=3;
1 row updated
SQL> commit;
Commit complete
5.grant privilege
SQL> conn sys/** as sysdba
Connected.
SQL> grant select on Dba_Fga_Audit_Trail to lppmtest;
Grant succeeded.
6.Reporting on the FGA Audit Trail Entries
SQL> SELECT session_id,TIMESTAMP,db_user,os_user,userhost,sql_text FROM Dba_Fga_Audit_Trail;
SESSION_ID TIMESTAMP DB_USER OS_USER USERHOST SQL_TEXT
---------- ----------- ------------------------------ -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- --------------------------------------------------------------------------------
16202785 2007-11-6 1 LPPMTEST H2 WORKGROUPJACKY
update test set x=2,y=3
7.Disabling an FGA Policy
SQL> exec DBMS_FGA.DISABLE_POLICY(object_schema=>'LPPMTEST' ,object_name=>'TEST' ,policy_name=>'TEST_AUD');
PL/SQL procedure successfully completed
8.Dropping an FGA Policy
SQL> EXEC DBMS_FGA.DROP_POLICY(object_schema=>'LPPMTEST' ,object_name=>'TEST' ,policy_name=>'TEST_AUD');
PL/SQL procedure successfully completed
SQL>
本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/zhpsam109/archive/2007/11/06/1869912.aspx
--20091013使用dbms_fga来实现张宏岩的跟踪审计功能
--创建审计策略
exec dbms_fga.add_policy
(object_schema=>'portwz',object_name=>'wzlc',policy_name=>'portwz_wzlc_aud_dml',statements_t
ypes='delete,update,select,insert');
--执行dml语句
select * from portwz.wzlc where ...;
insert into portwz.wzlc values(...);
update portwz.wzlc set name = ...
delete portwz.wzlc where rownum = 1;
--查询审计结果
select * from dba_fga_audit_trail;
--停用审计策略
exec dbms_fga.disable_policy
(object_schema=>'portwz',object_name=>'wzlc',policy_name=>'portwz_wzlc_aud_dml');
--启用审计策略
exec dbms_fga.enable_policy
(object_schema=>'portwz',object_name=>'wzlc',policy_name=>'portwz_wzlc_aud_dml');
--删除审计策略
exec dbms_fga.drop_policy
(object_schema=>'portwz',object_name=>'wzlc',policy_name=>'portwz_wzlc_aud_dml');
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/450962/viewspace-1027794/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/450962/viewspace-1027794/