程序師世界是廣大編程愛好者互助、分享、學習的平台,程序師世界有你更精彩!
首頁
編程語言
C語言|JAVA編程
Python編程
網頁編程
ASP編程|PHP編程
JSP編程
數據庫知識
MYSQL數據庫|SqlServer數據庫
Oracle數據庫|DB2數據庫
 程式師世界 >> 數據庫知識 >> Oracle數據庫 >> Oracle教程 >> OracleFGA細粒度審計

OracleFGA細粒度審計

編輯:Oracle教程

OracleFGA細粒度審計


如果你想要審計表上,在某個時間,哪些人,操作哪些DML語句,用FGA是個不錯的選擇。

SQL> select * from v$version;
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for Linux: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production

SQL> exec DBMS_FGA.ADD_POLICY(object_schema=>'LCAM_TEST',object_name=>'test',policy_name=>'FGA_1',enable=>TRUE,statement_types=>'UPDATE,delete',audit_trail=>DBMS_FGA.DB+DBMS_FGA.EXTENDED,audit_column_opts=>DBMS_FGA.ANY_COLUMNS);--

SQL> col SQL_TEXT format a80
SQL> select SQL_TEXT,TIMESTAMP from DBA_FGA_AUDIT_TRAIL order by TIMESTAMP;

SQL> update test set subobject_name=object_id where rownum=1;
SQL> select SQL_TEXT,TIMESTAMP from DBA_FGA_AUDIT_TRAIL order by TIMESTAMP;
update test set subobject_name=object_id where rownum=1 01-12月-14

SQL> update test set subobject_name=object_id where rownum<100;
SQL> select SQL_TEXT,TIMESTAMP from DBA_FGA_AUDIT_TRAIL order by TIMESTAMP;
update test set subobject_name=object_id where rownum<100 01-12月-14
update test set subobject_name=object_id where rownum=1 01-12月-14

SQL> delete from sys.fga_log$;
SQL> commit;
SQL> select SQL_TEXT,TIMESTAMP from DBA_FGA_AUDIT_TRAIL order by TIMESTAMP;

SQL>

還有讓審計失效、激活、刪除的方法:

exec DBMS_FGA.DISABLE_POLICY (object_schema=>'LCAM_TEST',object_name=>'test',policy_name=>'FGA_1');
exec DBMS_FGA.ENABLE_POLICY (object_schema=>'LCAM_TEST',object_name=>'test',policy_name=>'FGA_1');
exec DBMS_FGA.DROP_POLICY(object_schema=>'LCAM_TEST',object_name=>'test',policy_name=>'FGA_1');

官方文檔的位置是:

Oracle? Database PL/SQL Packages and Types Reference 11g Release 2 (11.2) DBMS_FGA

Table 66-2 ADD_POLICY Procedure Parameters

Parameter Description Default Value

object_schema

The schema of the object to be audited. (If NULL, the current log-on user schema is assumed.)

NULL

object_name

The name of the object to be audited.

-

policy_name

The unique name of the policy.

-

audit_condition

A condition in a row that indicates a monitoring condition. NULL is allowed and acts as TRUE.

NULL

audit_column

The columns to be checked for access. These can include OLS hidden columns or object type columns. The default, NULL, causes audit if any column is accessed or affected.

NULL

handler_schema

The schema that contains the event handler. The default, NULL, causes the current schema to be used.

NULL

handler_module

The function name of the event handler; includes the package name if necessary. This function is invoked only after the first row that matches the audit condition in the query is processed. If the procedure fails with an exception, the user SQL statement will fail as well.

NULL

enable

Enables the policy if TRUE, which is the default.

TRUE

statement_types

The SQL statement types to which this policy is applicable: INSERT, UPDATE,DELETE, or SELECT only.

SELECT

audit_trail

Destination (DB or XML) of fine grained audit records. Also specifies whether to populate LSQLTEXT and LSQLBIND in fga_log$.

DB+EXTENDED

audit_column_opts

Establishes whether a statement is audited when the query referencesany column specified in the audit_column parameter or only when allsuch columns are referenced.

ANY_COLUMNS


  1. 上一頁:
  2. 下一頁:
Copyright © 程式師世界 All Rights Reserved