10g初始化参数AUDIT_TRAIL变化（一）

 

在9i中，初始化参数AUDIT_TRAIL只有NONE、DB和OS三个可选值，而在10g中，Oracle又增加了几个新的选项。

这篇介绍XML选项。

 

 

数据库版本和默认AUDIT_TRAIL参数设置：

SQL> select * from v$version;

BANNER

----------------------------------------------------------------

Oracle Database10gEnterpriseEdition Release10.2.0.3.0 - 64bi

PL/SQL Release 10.2.0.3.0 - Production

CORE    10.2.0.3.0      Production

TNS for Linux: Version 10.2.0.3.0 - Production

NLSRTL Version 10.2.0.3.0 - Production

SQL> show parameter audit_trail

NAME                                 TYPE        VALUE

------------------------------------ ----------- ------------------------------

audit_trail                          string      NONE

下面设置参数为XML，并重启数据库：

SQL> alter system set audit_trail = xml scope = spfile;

System altered.

SQL> conn / as sysdba

Connected.

SQL> shutdown immediate

Database closed.

Database dismounted.

ORACLE instance shut down.

SQL> startup

ORACLE instance started.

Total System Global Area 2147483648 bytes

Fixed Size                  2074112 bytes

Variable Size             486541824 bytes

Database Buffers         1644167168 bytes

Redo Buffers               14700544 bytes

Database mounted.

Database opened.

SQL> show parameter audit

NAME                                 TYPE        VALUE

------------------------------------ ----------- ------------------------------

audit_file_dest                      string      /opt/ora10g/admin/primary/adump

audit_sys_operations                 boolean     FALSE

audit_syslog_level                   string

audit_trail                          string      XML

数据库中开启审计并触发：

SQL> audit create table;

Audit succeeded.

SQL> conn test/test

Connected.

SQL> create table t_audit (id number);

Table created.

虽然XML参数设置会使得审计信息写到操作系统中，不过Oracle仍然提供了视图可以访问到所有的AUDIT记录：

SQL> select audit_type, db_user, object_name, statement_type, sql_text, os_privilege

  2  from dba_common_audit_trail;

AUDIT_TYPE             DB_USER  OBJECT_NAME  STATEMENT_TYPE  SQL_TEXT             OS_PRIV

---------------------- -------- ------------ --------------- -------------------- -------

Mandatory XML Audit    /                                     CONNECT              SYSDBA

Mandatory XML Audit    /                                     CONNECT              SYSDBA

Standard XML Audit     TEST     T_AUDIT      CREATE TABLE

DBA_COMMON_AUDIT_TRAIL视图提供了包括OS、DB和XML所有目的地的AUDIT_TRAIL，而V$XML_AUDIT_TRAIL则只包含XML格式的记录。

SQL> select audit_type, db_user, object_name, statement_type, sql_text, os_privilege

  2  from v$xml_audit_trail;

AUDIT_TYPE DB_USER  OBJECT_NAME  STATEMENT_TYPE SQL_TEXT                       OS_PRIV

---------- -------- ------------ -------------- ------------------------------ -------

         8 /                                  0 CONNECT                        SYSDBA

         8 /                                  0 CONNECT                        SYSDBA

         1 TEST     T_AUDIT                   0

也可以在操作系统上检查对应的AUDIT_TRAIL的XML文件：

[oracle@yans1 ~]$ cd /opt/ora10g/admin/primary/adump/

[oracle@yans1 adump]$ more ora_3221182856.xml

<?xml version="1.0" encoding="UTF-8"?>

  <Audit xmlns="http://xmlns.oracle.com/oracleas/schema/dbserver_audittrail-10_2.xsd"

   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

   xsi:schemaLocation="http://xmlns.oracle.com/oracleas/schema/dbserver_audittrail-10_2.xsd">

   <Version>10.2</Version>

<AuditRecord><Audit_Type>1</Audit_Type><Session_Id>20002</Session_Id><StatementId>7</StatementId><EntryId>1</EntryId><Extended_Times

tamp>2010-12-06T21:34:29.880932</Extended_Timestamp><DB_User>TEST</DB_User><OS_User>oracle</OS_User><Userhost>yans1</Userhost><OS_Pr

ocess>8655</OS_Process><Terminal>pts/2</Terminal><Instance_Number>0</Instance_Number><Object_Schema>TEST</Object_Schema><Object_Name

>T_AUDIT</Object_Name><Action>1</Action><TransactionId>10001E0003000000</TransactionId><Returncode>0

</Returncode><Scn>0</Scn>

</AuditRecord>

 

（以上内容摘于网络，如有侵权，请告之，将第一时间删除）