首先確保Oracle初始化參數audit_trail值為DB或OS,通過“show parameter audit_trail;”查看。
1 語句審計
audit table by test by access;
select * from dba_stmt_audit_opts; --查看是否創建語句審計成功
select * from employee_log;
delete from employee_log where l_date ='2018-09-27 16:15:43';
select * from dba_audit_trail; --查看審計記錄
2 對象審計
audit delete on test.employee_log by access;
select * from dba_obj_audit_opts; --查看是否創建對象審計成功
select * from employee_log;
delete from employee_log where l_date ='2018-09-27 16:15:43';
select * from dba_audit_trail; --查看審計記錄
3 權限審計
audit select any table;--創建權限審計
--確保當前用戶有select any table系統權限
select * from dba_priv_audit_opts;--查看是否創建權限審計成功
select * from employee_log;
select * from dba_audit_trail; ---查看審計記錄
4 精細審計
begin
dbms_fga.add_policy(
object_schema=>'test',
object_name=>'employee_log',
policy_name=>'fga_test',
audit_column=>'l_date',
enable=>true,
statement_types=>'select'
);
end; ---創建精細審計
select * from dba_audit_policies; --查看是否創建精細審計成功
select * from employee_log where l_date ='2018-09-27 16:15:43';
select * from dba_fga_audit_trail;--查看精細審計記錄
select * from employee_log;
select * from dba_fga_audit_trail;