測試庫用戶總被鎖定,下面內容是查看登錄失敗客戶端信息,以及獲取登錄失敗的客戶端IP
--使用sys身份登錄
--1.查看用戶狀態,到期時間,鎖定時間等
select username,lock_date,profile,EXPIRY_DATE from dba_users order by EXPIRY_DATE desc;
--2.查看默認策略配置
select * from dba_profiles where profile='DEFAULT';
--3.查看登錄失敗數
select lcount from user$ where name='HSP';
--4.查看審計信息(包含登錄用戶,客戶端等)
select sessionid,userid,userhost,comment$text,spare1,to_char(ntimestamp#+1/3,'yyyy-mm-dd hh24:mi:ss') from aud$
where returncode=1017 order by ntimestamp# desc;
--1.查看用戶狀態,到期時間,鎖定時間等
select username,lock_date,profile,EXPIRY_DATE from dba_users order by EXPIRY_DATE desc;
--2.查看默認策略配置
select * from dba_profiles where profile='DEFAULT';
--3.查看登錄失敗數
select lcount from user$ where name='HSP';
--4.查看審計信息(包含登錄用戶,客戶端等)
select sessionid,userid,userhost,comment$text,spare1,to_char(ntimestamp#+1/3,'yyyy-mm-dd hh24:mi:ss') from aud$
where returncode=1017 order by ntimestamp# desc;
---------------------創建觸發器捕獲登錄用ip等信息-------------
--1. 設置會話客戶的id號;
BEGIN
DBMS_SESSION.set_identifier(SYS_CONTEXT('USERENV', 'IP_ADDRESS'));
END;
--1. 設置會話客戶的id號;
BEGIN
DBMS_SESSION.set_identifier(SYS_CONTEXT('USERENV', 'IP_ADDRESS'));
END;
--2.創建觸發器
CREATE OR REPLACE TRIGGER logon_trigger
after logon on database
begin
dbms_application_info.set_client_info(sys_context( 'userenv', 'ip_address' ) );
end;
--3.查看連接Oracle的IP信息
SELECT USERNAME,
PROGRAM,
MACHINE,
CLIENT_INFO,
SYS_CONTEXT('userenv', 'ip_address') AS IPADD
FROM V$SESSION S
WHERE USERNAME IS NOT NULL ORDER BY USERNAME, PROGRAM, MACHINE;
--4.創建觸發器,記錄連接失敗信息
CREATE OR REPLACE TRIGGER logon_to_alert
AFTER servererror ON DATABASE
DECLARE
message VARCHAR2(168);
ip VARCHAR2(15);
v_os_user VARCHAR2(80);
v_module VARCHAR2(50);
v_action VARCHAR2(50);
v_pid VARCHAR2(10);
v_sid NUMBER;
v_program VARCHAR2(48);
BEGIN
IF(ora_is_servererror(1017)) THEN
IF upper(sys_context('userenv', 'network_protocol')) = 'TCP' THEN
ip := sys_context('userenv', 'ip_address');
END IF;
SELECT sid INTO v_sid FROM sys.v_$mystat WHERE rownum < 2;
SELECT p.spid, v.program
INTO v_pid, v_program
FROM v$process p, v$session v
WHERE p.addr = v.paddr
AND v.sid = v_sid;
v_os_user := sys_context('userenv', 'os_user');
dbms_application_info.read_module(v_module, v_action);
message := to_char(SYSDATE, 'YYYYMMDD HH24MISS') ||
' logon denied from ' || nvl(ip,'localhost') || ' ' ||
v_pid || ' ' || v_os_user || 'with ' || v_program || ' – ' ||
v_module || ' ' || v_action;
sys.dbms_system.ksdwrt(2, message);
END IF;
END;
CREATE OR REPLACE TRIGGER logon_trigger
after logon on database
begin
dbms_application_info.set_client_info(sys_context( 'userenv', 'ip_address' ) );
end;
--3.查看連接Oracle的IP信息
SELECT USERNAME,
PROGRAM,
MACHINE,
CLIENT_INFO,
SYS_CONTEXT('userenv', 'ip_address') AS IPADD
FROM V$SESSION S
WHERE USERNAME IS NOT NULL ORDER BY USERNAME, PROGRAM, MACHINE;
--4.創建觸發器,記錄連接失敗信息
CREATE OR REPLACE TRIGGER logon_to_alert
AFTER servererror ON DATABASE
DECLARE
message VARCHAR2(168);
ip VARCHAR2(15);
v_os_user VARCHAR2(80);
v_module VARCHAR2(50);
v_action VARCHAR2(50);
v_pid VARCHAR2(10);
v_sid NUMBER;
v_program VARCHAR2(48);
BEGIN
IF(ora_is_servererror(1017)) THEN
IF upper(sys_context('userenv', 'network_protocol')) = 'TCP' THEN
ip := sys_context('userenv', 'ip_address');
END IF;
SELECT sid INTO v_sid FROM sys.v_$mystat WHERE rownum < 2;
SELECT p.spid, v.program
INTO v_pid, v_program
FROM v$process p, v$session v
WHERE p.addr = v.paddr
AND v.sid = v_sid;
v_os_user := sys_context('userenv', 'os_user');
dbms_application_info.read_module(v_module, v_action);
message := to_char(SYSDATE, 'YYYYMMDD HH24MISS') ||
' logon denied from ' || nvl(ip,'localhost') || ' ' ||
v_pid || ' ' || v_os_user || 'with ' || v_program || ' – ' ||
v_module || ' ' || v_action;
sys.dbms_system.ksdwrt(2, message);
END IF;
END;
--5.查看文件位置(參考)
select tracefile from v$process;
select tracefile from v$process;
/data/oracle/diag/rdbms/orcl/orcl/trace/alert_orcl.log --(參考位置)
--失敗內容(參考)
--失敗內容(參考)
Fatal NI connect error 12170.
VERSION INFORMATION:
TNS for Linux: Version 11.2.0.1.0 - Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 11.2.0.1.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 11.2.0.1.0 - Production
Time: 13-DEC-2020 17:46:45
Tracing not turned on.
Tns error struct:
ns main err code: 12535
TNS-12535: TNS:operation timed out
ns secondary err code: 12606
nt main err code: 0
nt secondary err code: 0
nt OS err code: 0
Client address: (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.72.1)(PORT=52256))
WARNING: inbound connection timed out (ORA-3136)
TNS for Linux: Version 11.2.0.1.0 - Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 11.2.0.1.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 11.2.0.1.0 - Production
Time: 13-DEC-2020 17:46:45
Tracing not turned on.
Tns error struct:
ns main err code: 12535
TNS-12535: TNS:operation timed out
ns secondary err code: 12606
nt main err code: 0
nt secondary err code: 0
nt OS err code: 0
Client address: (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.72.1)(PORT=52256))
WARNING: inbound connection timed out (ORA-3136)
參考鏈接1:http://blog.itpub.net/31519308/viewspace-2717885/
參考鏈接2:http://blog.itpub.net/29487349/viewspace-1102744/