ITPub博客

首页 > 数据库 > Oracle > 管理AUDIT_TRAIL初始化参数配置标准审计

管理AUDIT_TRAIL初始化参数配置标准审计

原创 Oracle 作者:zhangsharp20 时间:2016-03-29 18:44:29 0 删除 编辑
Enabling or Disabling the Standard Audit Trail

You enable the standard audit trail by setting the AUDIT_TRAIL initialization 
parameter. This setting determines whether to create the audit trail in the database 
audit trail, write the audit activities to an operating system file, or to disable auditing. 

通过开启audit_trail参数开启审计,这个参数决定了是否以数据库记录审计轨迹、以操作系统文件记录审计内容或是关闭审计

To enable or disable the standard audit trail, log in to SQL*Plus with administrative 
privileges, and use the ALTER SYSTEM statement. Afterwards, you need to restart the 
database instance

使用alter system命令开启或关闭审计,之后,需要重启实例。

To check the current value of the AUDIT_TRAIL parameter, use the SHOW PARAMETER 
command in SQL*Plus

Example 9–1 shows how to check the AUDIT_TRAIL parameter setting. 

SHOW PARAMETER AUDIT_TRAIL
NAME TYPE VALUE
------------------------------------ ----------- -------
audit_trail string DB

Example 9–2 shows how to log onto SQL*Plus, enable the standard audit trail, and 
then restart the database instance. 
Example 9–2 Enabling the Standard Audit Trail
CONNECT SYSTEM
Enter password: password
ALTER SYSTEM SET AUDIT_TRAIL=DB SCOPE=SPFILE;
System altered.
CONNECT SYS/AS SYSOPER
Enter password: password
SHUTDOWN
Database closed.
Database dismounted.
ORACLE instance shut down.
STARTUP
ORACLE instance started.

This example uses the SCOPE clause because the database instance had been started 
using a server parameter file (SPFILE). Starting the database with a server parameter 
file is the preferred way of starting a database instance. See Oracle Database 
Administrator's Guide for information about creating configuring server parameter 
files.


AUDIT_TRAIL enables or disables database auditing.

Values:
■ none
Disables standard auditing. This value is the default if the AUDIT_TRAIL parameter 
was not set in the initialization parameter file or if you created the database using 
a method other than Database Configuration Assistant. If you created the database 
using Database Configuration Assistant, then the default is db.
■ os
Directs all audit records to an operating system file. Oracle recommends that you 
use the os setting, particularly if you are using an ultra-secure database 
configuration.
■ db
Directs audit records to the database audit trail (the SYS.AUD$ table), except for 
records that are always written to the operating system audit trail. Use this setting 
for a general database for manageability.
If the database was started in read-only mode with AUDIT_TRAIL set to db, then 
Oracle Database internally sets AUDIT_TRAIL to os. Check the alert log for details.
■ db, extended
Performs all actions of AUDIT_TRAIL=db, and also populates the SQL bind and SQL 
text CLOB-type columns of the SYS.AUD$ table, when available. These two 
columns are populated only when this parameter is specified.
If the database was started in read-only mode with AUDIT_TRAIL set to db, 
extended, then Oracle Database internally sets AUDIT_TRAIL to os. Check the alert 
log for details.
■ xml
Writes to the operating system audit record file in XML format. Records all 
elements of the AuditRecord node except Sql_Text and Sql_Bind to the operating 
system XML audit file.
■ xml, extended
Performs all actions of AUDIT_TRAIL=xml, and populates the SQL bind and SQL 
text CLOB-type columns of the SYS.AUD$ table, wherever possible. These columns 
are populated only when this parameter is specified.
You can use the SQL AUDIT statement to set auditing options regardless of the setting 
of this parameter.

可以通过表dba_audit_trail查看审计信息

来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/29802484/viewspace-2071918/,如需转载,请注明出处,否则将追究法律责任。

上一篇: OEM打不开
请登录后发表评论 登录
全部评论

注册时间:2014-08-12

  • 博文量
    382
  • 访问量
    635509