環境: Linux 6.4 + Oracle 10.2.0.4
1. Oracle 10g 審計功能
Oracle 10g審計功能默認是關閉的。
需要注意開啟審計功能必然會額外消耗一部分數據庫性能,開啟審計需要重啟數據庫生效。
具體的審計策略則需要根據項目實際要求自行配置。

## 1.1 查看audit相關參數 ##

```
--查看audit相關參數
set linesize 200
show parameter audit
--結果如下
NAME TYPE VALUE
------------------------------------ -------------------------------- ------------------------------
audit_file_dest string /opt/app/oracle/admin/vas/adum
p
audit_sys_operations boolean FALSE
audit_syslog_level string
audit_trail string NONE
```

## 1.2 開啟審計 ##

說明:audit_trail 設為 db,extended 後,審計記錄還會保存 SQL 語句文本和綁定變量值,其中可能含有敏感數據,應控制對審計記錄的查詢權限;audit_sys_operations=TRUE 時,SYS 用戶的操作記錄寫入 audit_file_dest 目錄下的操作系統文件,而不在數據庫審計表中。

```
--開啟審計
alter system set audit_sys_operations=TRUE scope=spfile;
alter system set audit_trail=db,extended scope=spfile;
--重啟庫生效
shutdown immediate
startup
--最後再次查看確定審計已開啟
SQL> show parameter audit
NAME TYPE VALUE
audit_file_dest string /opt/app/oracle/admin/vas/adum
p
audit_sys_operations boolean TRUE
audit_syslog_level string
audit_trail string DB, EXTENDED
```
## 1.3 配置審計策略 ##
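-- List the audit options that are currently configured.
-- DBA_STMT_AUDIT_OPTS alone is not enough: options that are system
-- privileges (for example ALTER ANY TABLE) are reported in
-- DBA_PRIV_AUDIT_OPTS, and per-object options (AUDIT ... ON owner.table)
-- in DBA_OBJ_AUDIT_OPTS. Query all three to see the full policy.

-- Statement audit options
SELECT user_name, audit_option, success, failure
FROM DBA_STMT_AUDIT_OPTS
ORDER BY audit_option, user_name;

-- System-privilege audit options
SELECT user_name, privilege, success, failure
FROM DBA_PRIV_AUDIT_OPTS
ORDER BY privilege, user_name;

-- Object audit options; restricted to the JINGYU schema used by the
-- object-level examples on this page (adjust the owner as needed).
-- '-/-' in an option column means that option is not audited.
SELECT owner, object_name, object_type, del, ins, sel, upd
FROM DBA_OBJ_AUDIT_OPTS
WHERE owner = 'JINGYU'
ORDER BY object_name;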
-- Configure a baseline audit policy (modelled on the options that 11g
-- enables by default). The statements are independent of one another and
-- are grouped here by what they watch.
--
-- No WHENEVER clause is given, so both successful and failed attempts are
-- audited. No BY clause is given either, so the release default applies.
-- NOTE(review): on 10g the default for non-DDL options is BY SESSION (one
-- record per session); append BY ACCESS where one record per occurrence is
-- required -- confirm against the release documentation.
-- Statement and privilege options apply to sessions that connect after the
-- AUDIT statement runs, and records are only written while audit_trail is
-- not NONE.

-- Logons
AUDIT CREATE SESSION;

-- Accounts, profiles and roles
AUDIT CREATE USER;
AUDIT ALTER USER;
AUDIT DROP USER;
AUDIT ALTER PROFILE;
AUDIT DROP PROFILE;
AUDIT PROFILE;
AUDIT ROLE;

-- Grants and access-policy exemption
AUDIT GRANT ANY OBJECT PRIVILEGE;
AUDIT GRANT ANY PRIVILEGE;
AUDIT GRANT ANY ROLE;
AUDIT SYSTEM GRANT;
AUDIT EXEMPT ACCESS POLICY;

-- Database, instance and audit configuration
-- (SYSTEM AUDIT records AUDIT / NOAUDIT statements themselves)
AUDIT ALTER DATABASE;
AUDIT ALTER SYSTEM;
AUDIT SYSTEM AUDIT;

-- Use of the "ANY" privileges on tables and procedures
AUDIT CREATE ANY TABLE;
AUDIT ALTER ANY TABLE;
AUDIT DROP ANY TABLE;
AUDIT CREATE ANY PROCEDURE;
AUDIT ALTER ANY PROCEDURE;
AUDIT DROP ANY PROCEDURE;

-- Jobs, libraries and directory objects
AUDIT CREATE ANY JOB;
AUDIT CREATE EXTERNAL JOB;
AUDIT CREATE ANY LIBRARY;
AUDIT DIRECTORY;

-- Database links and public synonyms
AUDIT CREATE PUBLIC DATABASE LINK;
AUDIT DATABASE LINK;
AUDIT PUBLIC SYNONYM;
-- Object-level audit options for special requirements.
-- With audit_trail=db,extended (as set in section 1.2) each record also
-- stores the SQL text and bind values, so data written to these tables can
-- end up in the audit trail; restrict who may read it.

-- Audit insert, update and delete operations on core table T1 of the
-- business schema JINGYU.
AUDIT INSERT, UPDATE, DELETE
    ON JINGYU.T1;

-- Audit every auditable operation on core table T2 (queries included).
AUDIT ALL
    ON JINGYU.T2;

-- Same scope for T2, but write one audit record for each access.
AUDIT ALL
    ON JINGYU.T2
    BY ACCESS;

-- Remove the object-level options set above.
NOAUDIT INSERT, UPDATE, DELETE
    ON JINGYU.T1;
NOAUDIT ALL
    ON JINGYU.T2;
-- Remove the baseline audit policy: one NOAUDIT for each of the 29 options
-- that the baseline list enables. The statements are independent and are
-- grouped by what they stop watching.
-- Statement and privilege options change for sessions that connect after
-- the NOAUDIT runs; sessions already connected keep the options they
-- started with.

-- Logons
NOAUDIT CREATE SESSION;

-- Accounts, profiles and roles
NOAUDIT CREATE USER;
NOAUDIT ALTER USER;
NOAUDIT DROP USER;
NOAUDIT ALTER PROFILE;
NOAUDIT DROP PROFILE;
NOAUDIT PROFILE;
NOAUDIT ROLE;

-- Grants and access-policy exemption
NOAUDIT GRANT ANY OBJECT PRIVILEGE;
NOAUDIT GRANT ANY PRIVILEGE;
NOAUDIT GRANT ANY ROLE;
NOAUDIT SYSTEM GRANT;
NOAUDIT EXEMPT ACCESS POLICY;

-- Database, instance and audit configuration
-- (after NOAUDIT SYSTEM AUDIT, later AUDIT / NOAUDIT statements are no
-- longer recorded for new sessions)
NOAUDIT ALTER DATABASE;
NOAUDIT ALTER SYSTEM;
NOAUDIT SYSTEM AUDIT;

-- Use of the "ANY" privileges on tables and procedures
NOAUDIT CREATE ANY TABLE;
NOAUDIT ALTER ANY TABLE;
NOAUDIT DROP ANY TABLE;
NOAUDIT CREATE ANY PROCEDURE;
NOAUDIT ALTER ANY PROCEDURE;
NOAUDIT DROP ANY PROCEDURE;

-- Jobs, libraries and directory objects
NOAUDIT CREATE ANY JOB;
NOAUDIT CREATE EXTERNAL JOB;
NOAUDIT CREATE ANY LIBRARY;
NOAUDIT DIRECTORY;

-- Database links and public synonyms
NOAUDIT CREATE PUBLIC DATABASE LINK;
NOAUDIT DATABASE LINK;
NOAUDIT PUBLIC SYNONYM;
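-- Check the audit options again after the change.
-- DBA_STMT_AUDIT_OPTS shows statement options only; options that are system
-- privileges are listed in DBA_PRIV_AUDIT_OPTS and per-object options in
-- DBA_OBJ_AUDIT_OPTS, so all three views are checked.

-- Statement audit options
SELECT user_name, audit_option, success, failure
FROM DBA_STMT_AUDIT_OPTS
ORDER BY audit_option, user_name;

-- System-privilege audit options
SELECT user_name, privilege, success, failure
FROM DBA_PRIV_AUDIT_OPTS
ORDER BY privilege, user_name;

-- Object audit options for the JINGYU schema used in the examples
-- ('-/-' means the option is not audited).
SELECT owner, object_name, object_type, del, ins, sel, upd
FROM DBA_OBJ_AUDIT_OPTS
WHERE owner = 'JINGYU'
ORDER BY object_name;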
## 1.4 查看審計日志 ##
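-- Review the database audit trail.
-- An unfiltered SELECT * over DBA_AUDIT_TRAIL returns every column of every
-- record; this version names the columns needed for a first review, limits
-- the result to the last day (widen the window as required) and returns the
-- newest records first.
--   returncode : 0 for a successful action, otherwise the Oracle error number
--   sql_text   : populated only when audit_trail includes EXTENDED
-- SYS operations recorded through audit_sys_operations are not in this view;
-- they are written to operating-system files under audit_file_dest.
SELECT
    timestamp,
    os_username,
    username,
    userhost,
    terminal,
    owner,
    obj_name,
    action_name,
    returncode,
    sql_text
FROM DBA_AUDIT_TRAIL
WHERE timestamp >= SYSDATE - 1
ORDER BY timestamp DESC;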
## 1.5 關閉審計 ##
-- Turn auditing off.
-- Both parameters are written to the spfile only (SCOPE = SPFILE), so the
-- running instance keeps auditing until it is restarted below.
-- Options defined with AUDIT stay in the data dictionary but produce no
-- records while audit_trail is NONE; Oracle still writes its mandatory
-- records (privileged connections, startup, shutdown) to OS files.
ALTER SYSTEM SET audit_sys_operations = FALSE SCOPE = SPFILE;
ALTER SYSTEM SET audit_trail = NONE SCOPE = SPFILE;

-- Restart the database so the new settings take effect.
SHUTDOWN IMMEDIATE
STARTUP
--最后確定審計已關閉
SQL> show parameter audit
NAME TYPE VALUE
audit_file_dest string /opt/app/oracle/admin/vas/adum
p
audit_sys_operations boolean FALSE
audit_syslog_level string
audit_trail string NONE
<h1 id="2">2. 對數據庫監聽器的關閉和啟動設置密碼</h1>
可參考轉載文章:[【轉載】oracle 9i、10g、11g數據庫設置listener密碼的方法](http://www.cnblogs.com/jyzhao/articles/4860790.html)