oracle 如何使用Oracle审计某个表中的删除?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/8732389/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to audit deletes in a certain table with Oracle?
提问by Mike Christensen
I'm trying to record DELETEstatements in a certain table using Oracle's auditing features. I ran:
我正在尝试DELETE使用 Oracle 的审计功能在某个表中记录语句。我跑了:
SQL> AUDIT DELETE TABLE BY TPMDBO BY ACCESS;
Audit succeeded.
I'm unclear if this audits the deletion of a table schema itself (ie, dropping the table), or if it audits the deletion of one or more rows within any table (ie, the delete command). If the latter, how do I limit this auditing to only a table called Foo? Thanks!
我不清楚这是否审核表模式本身的删除(即删除表),或者它是否审核任何表中一行或多行的删除(即删除命令)。如果是后者,我如何将此审计限制为仅名为 的表Foo?谢谢!
UPDATE:
更新:
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- -------------
audit_file_dest string /backup/audit
audit_sys_operations boolean TRUE
audit_syslog_level string
audit_trail string XML, EXTENDED
回答by kubanczyk
There is a new feature called fine-grained auditing (FGA), that stores log in SYS.FGA_LOG$ instead SYS.AUD$. Here is the FGA manual.
有一个称为细粒度审计 (FGA) 的新功能,它将日志存储在 SYS.FGA_LOG$ 而不是 SYS.AUD$。这是FGA 手册。
BEGIN
DBMS_FGA.ADD_POLICY(
object_schema => 'HR',
object_name => 'FOO',
policy_name => 'my_policy',
policy_owner => 'SEC_MGR',
enable => TRUE,
statement_types => 'DELETE',
audit_condition => 'USER = ''myuser''',
audit_trail => DBMS_FGA.DB);
END;
/
Yes, your original command should audit DELETE operations (not DROP) for this user on all tables. Examine show parameter audit
是的,您的原始命令应该审核此用户在所有表上的 DELETE 操作(而不是 DROP)。检查show parameter audit
