oracle怎么添加审计,oracle打开审计
oracle里怎样对某个用户进行审计
grant connect, resource, dba to TEST
义安ssl适用于网站、小程序/APP、API接口等需要进行数据传输应用场景,ssl证书未来市场广阔!成为创新互联建站的ssl证书销售渠道,可以享受市场价格4-6折优惠!如果有意向欢迎电话联系或者加微信:13518219792(备注:SSL证书合作)期待与您的合作!
DBA: 拥有全部特权,是系统最高权限,只有DBA才可以创建数据库结构。
RESOURCE:拥有Resource权限的用户只可以创建实体,不可以创建数据库结构。
CONNECT:拥有Connect权限的用户只可以登录Oracle,不可以创建实体,不可以创建数据库结构。
没用过grant insert,select这些权限的,不过你可以试试可以吗
如何打开oracle10g审计功能
个表名为SYS.AUD$,位于数据目录下。在一些操作系统中,你还可以给操作系统自己的事件日志子系统写审计记录。 Oracle 10g增加了第三个选项:在一个操作系统目录中写入文件的功能。这些文件可以为XML格式。
在oracle中开启审计功能
sqlplus "/ as sysdba"
show parameter audit
alter system set audit_sys_operations=TRUE scope=spfile;
alter system set audit_trail=DB scope=spfile;
shutdown immediate;
startup force;
Oracle 11g起audit是自动开启的。我很烦这个审计开启,审计日志半个月10G,烦烦烦。我一把都关闭Oracle的审计功能,提高Oracle的空闲率。
oracle数据库的审计功能
在oracle11g中,数据库的审计功能是默认开启的(这和oracle10g的不一样,10g默认是关闭的),
oracle11gr2的官方文档上写的是错的,当上说default是none,而且是审计到db级别的,这样就会
往aud$表里记录统计信息。
1.如果审计不是必须的,可以关掉审计功能;
sql
show
parameter
audit_trail;
name
type
value
------------------------------------
-----------
------------------------------
audit_trail
string
db
sql
alter
system
set
audit_trail=none
scope=spfile;
sql
shut
immediate;
sqlstartup
2.删除已有的审计信息
可以直接truncate表aud$,
truncate
table
sys.aud$;
3.或者将aud$表移到另外一个表空间下,以减少system表空间的压力和被撑爆的风险。
附:11g中有关audit_trail参数的设置说明:
audit_trail
property
description
parameter
type
string
syntax
audit_trail
=
{
none
|
os
|
db
[,
extended]
|
xml
[,
extended]
}
default
value
none
modifiable
no
basic
no
audit_trail
enables
or
disables
database
auditing.
values:
none
disables
standard
auditing.
this
value
is
the
default
if
the
audit_trail
parameter
was
not
set
in
the
initialization
parameter
file
or
if
you
created
the
database
using
a
method
other
than
database
configuration
assistant.
if
you
created
the
database
using
database
configuration
assistant,
then
the
default
is
db.
os
directs
all
audit
records
to
an
operating
system
file.
oracle
recommends
that
you
use
the
os
setting,
particularly
if
you
are
using
an
ultra-secure
database
configuration.
db
directs
audit
records
to
the
database
audit
trail
(the
sys.aud$
table),
except
for
records
that
are
always
written
to
the
operating
system
audit
trail.
use
this
setting
for
a
general
database
for
manageability.
if
the
database
was
started
in
read-only
mode
with
audit_trail
set
to
db,
then
oracle
database
internally
sets
audit_trail
to
os.
check
the
alert
log
for
details.
db,
extended
performs
all
actions
of
audit_trail=db,
and
also
populates
the
sql
bind
and
sql
text
clob-type
columns
of
the
sys.aud$
table,
when
available.
these
two
columns
are
populated
only
when
this
parameter
is
specified.
if
the
database
was
started
in
read-only
mode
with
audit_trail
set
to
db,
extended,
then
oracle
database
internally
sets
audit_trail
to
os.
check
the
alert
log
for
details.
xml
writes
to
the
operating
system
audit
record
file
in
xml
format.
records
all
elements
of
the
auditrecord
node
except
sql_text
and
sql_bind
to
the
operating
system
xml
audit
file.
xml,
extended
performs
all
actions
of
audit_trail=xml,
and
populates
the
sql
bind
and
sql
text
clob-type
columns
of
the
sys.aud$
table,
wherever
possible.
these
columns
are
populated
only
when
this
parameter
is
specified.
you
can
use
the
sql
audit
statement
to
set
auditing
options
regardless
of
the
setting
of
this
parameter.
本文名称:oracle怎么添加审计,oracle打开审计
地址分享:http://ybzwz.com/article/hdejos.html