此次以Linux系统为例!
1、查看当前数据库版本及状态信息
SQL> select * from v$version;BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
PL/SQL Release 11.2.0.4.0 - Production
CORE 11.2.0.4.0 Production
TNS for Linux: Version 11.2.0.4.0 - Production
NLSRTL Version 11.2.0.4.0 - Production
SQL> select dbid,name,open_mode from v$database;
DBID NAME OPEN_MODE
---------- --------- --------------------
1435632369 ORCL READ WRITE
2、检查audit默认设置
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest string /u01/app/oracle/admin/orcl/adu
mp
audit_sys_operations boolean FALSE
audit_syslog_level string
audit_trail string DB
3、修改如下参数,将sys操作记入/var/log/message中
SQL> alter system set audit_syslog_level='USER.NOTICE' scope=spfile;
System altered.
SQL> alter system set audit_sys_operations=TRUE scope=spfile;
System altered.
SQL> alter system set audit_trail=none scope=spfile;
System altered.SQL> startup force ---生产环境中严禁此操作(强烈建议使用shundown immediate--startup)
ORACLE instance started.
Total System Global Area 413372416 bytes
Fixed Size 2253784 bytes
Variable Size 327158824 bytes
Database Buffers 79691776 bytes
Redo Buffers 4268032 bytes
Database mounted.
Database opened.
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest string /u01/app/oracle/admin/orcl/adu
mp
audit_sys_operations boolean TRUE
audit_syslog_level string USER.NOTICE
audit_trail string NONE
ID
----------
2
1
3