亚洲春色欧美激情

<form id=WZeJxaBel><nobr id=WZeJxaBel></nobr></form>

<address id=WZeJxaBel><nobr id=WZeJxaBel><nobr id=WZeJxaBel></nobr></nobr></address>

首頁 > 數據庫 > 詳細

數據庫審計audit

時間：2021-06-28 17:41:58 阅读：0 評論：0 收藏：0 [點我收藏+]

標簽：存儲 acl 創建不成功 tno 數據 parameter uid res

數據庫审计audit

官方文檔入口：

　　Security Guide

技术图片

　　审计，意味着捕获并且存儲系统发生的信息，确实增加了系统的工作量。审计必须要专注于值得引起关心的事件。【審計必須集中，以便只捕獲感興趣的事件】適當的集中審計會對系統性能減少影響，相反則會對系統性能造成很大影響

强制审计：所有Oracle數據庫都会审计某些操作，而不考虑其他审计选项或审计参数。强制审计日志的原因是數據庫需要记录一些數據庫活动，比如特权用户的连接
标准數據庫审计：选择要审计的对象和权限，并創建适当的审计策略
基于值的審計：扩展标准數據庫审计，不仅捕获发生的审计事件，还捕获插入、更新或刪除的实际值。基于值的審計是通过數據庫触发器实现的
细粒度审计(FGA)：扩展标准數據庫审计，捕获发出的实际SQL语句，而不仅仅是事件发生的事实

1 功能和類別

1）功能：監控特定用戶在database的action（操作）

2）審計種類

标准數據庫审计（①语句审计、②权限审计、③对象审计）
基于值的審計（Value-Based，觸發器審計）
精細審計（FGA）
統一審計

2 審計有關參數

show parameter audit

技术图片

audit_trail參數主要選項：

none 不启用audit
db 将审计结果放在數據字典基表sys.aud$中，（一般用于审计非sys用户）os 将审计结果存放到操作系统的文件里，audit_file_dest指定的位置，一般用于审计sys
- 　　db，extended，可以包括綁定變量，CLOB類型大對象等審計信息（考點）

3 标准數據庫审计的三个级别

技术图片

技术图片

查看標准審計結果可以通過視圖dba_audit_trail，該視圖讀取aud$內容

3.1 语句审计

audit table;

按語句來審計，比如audit table会审计數據庫中所有的create table, drop table, truncate table語句，執行成功或不成功都可審計

3.2 系统权限审计

audit select any table;

按权限来审计，当用户使用了该权限则被审计，如执行grant select any table to a;当用户a访问了用户b的表时（如select * from b.t;）会用到select any table权限，故会被审计。用户访问自己的表不会被审计

3.3 對象權限審計

audit update on scott.emp;

按对象审计，只审计on关键字指定对象的相关操作，如: aduit alter,delete,drop,insert ondamon.t by scott;这里会对damon用户的t表进行审计，但同时使用了by子句，所以只会对scott用户发起的操作进行审计

4 基于值的審計

技术图片

它拓展了标准數據庫审计，不仅捕捉审计事件，还捕捉那些被insert,update 和 delete的值。由于基于值的審計是通过触发器来实现。所以可以选择哪些信息进入审计记录，比如只记录提交的信息

5 精細審計Fine Grained Auditing (FGA)

技术图片

5.1 特點

拓展了标准數據庫审计，捕捉准确的SQL語句。審計訪問特定行或特定列。操作可以使用dbms_fga包。精細審計一般不包括sys用戶，目前EM中只有标准數據庫审计，还没有包括基于值的審計和精細審計

5.2 創建測試用户、測試表

drop user demo cascade;
grant connect,resource to demo identified by oracle;
create table scott.emp1 as select * from scott.emp;
grant all on scott.emp1 to demo;

技术图片

5.3 添加一個精細度審計策略

desc dbms_fga

技术图片

begin
  dbms_fga.add_policy(
    object_schema=>‘scott‘,
    object_name=>‘emp1‘,
    policy_name=>‘chk_emp1‘,
    audit_condition =>‘deptno=20‘,
    audit_column =>‘sal‘,
    statement_types =>‘update,select‘);
end;
/

技术图片

5.4 測試

select * from emp1 where deptno=20;

技术图片

update scott.emp1 set sal=8000 where empno=7902;

技术图片

select empno,ename from scott.emp1 where deptno=20;

缺少sal列，不審計

技术图片

select empno,ename,sal from scott.emp1 where deptno=20;

虽然符合条件，但默认不审计 sys

技术图片

sys查詢

技术图片

5.5 驗證審計結果

col db_user for a10
col sql_text for a60
select db_user,to_char(timestamp,‘yyyy-mm-dd hh24:mi:ss‘) "time" ,sql_text from dba_fga_audit_trail;

技术图片

可以看出，必須同時滿足了所有審計條件（前面定義的）才能入選。另外沒有審計SYS

5.6 刪除FGA策略

exec dbms_fga.drop_policy(object_schema=>‘scott‘,object_name=>‘emp1‘,policy_name=>‘chk_emp1‘);

技术图片

清除審計記錄

truncate table fga_log$;

技术图片

數據庫審計audit

標簽：存儲 acl 創建不成功 tno 數據 parameter uid res

原文地址：https://www.cnblogs.com/jsxxd/p/14931590.html

踩

(0)

贊

(0)

舉報

評論一句话評論（0）

分享檔案

更多>

2021年07月29日 (22)
2021年07月28日 (40)
2021年07月27日 (32)
2021年07月26日 (79)
2021年07月23日 (29)
2021年07月22日 (30)
2021年07月21日 (42)
2021年07月20日 (16)
2021年07月19日 (90)
2021年07月16日 (35)

周排行

更多

友情鏈接

蘭亭集智國之畫百度統計站長統計阿裏雲 chrome插件新版天聽網

關于我們 - 聯系我們 - 留言反饋

? 2014 mamicode.com 版權所有聯系我們:gaon5@hotmail.com

迷上了代碼！

"I acquaint the inhabitants of Liège of this, that they may understand what fate threatens them if they should assume a similar attitude. A raiding party of hostiles had passed near the fort, and had killed, with particular atrocity, a family of settlers. The man and his wife had been tortured to death, the baby had had its brains beaten out against the trunk of a tree, a very young child had been hung by the wrist tendons to two meat hooks on the walls of the ranch-house, and left there to die. One big boy had had his eyelids and lips and nose cut off, and had been staked down to the ground with his remains of a face lying over a red-ant hole. Only two had [Pg 196]managed to escape,—a child of ten, who had carried his tiny sister in his arms, twenty miles of ca?ons and hills, to the post. Every engine of the English Court was put in motion to prevent the Electoral Prince from coming. Oxford had an interview with Schutz, in which he repeated that it was his applying for the writ to the Lord Chancellor instead of to the queen that had done all the mischief; that her Majesty, had it not been for this untoward incident, would have invited the Prince to come over and spend the summer in England—forgetting, as Schutz observed, that the minute before he had assured him that the queen was too much afraid of seeing any of that family here. He advised Schutz—who could not be convinced that he had done anything irregular in his application, quoting numerous proofs to show that it was the accustomed mode of applying for writs—to avoid appearing again at Court; but Schutz, not seeming disposed to follow that advice, immediately received a positive order to the same effect from the queen through another channel. Schutz, therefore, lost no time in returning to Hanover to justify himself. At the same time, Lord Strafford was instructed to write from the Hague, blaming the conduct of Schutz in applying for the writ in the manner he did, as disrespectful to the queen; for, though strictly legal for an absent peer to make such application, the etiquette was that he should defer it till he could do it personally. Strafford ridiculed the idea of any movement being afoot in favour of the Pretender, and observed that, as to sending him out of the Duke of Lorraine's territory, it was not practicable, because the French king maintained that he had fulfilled the treaty, Lorraine not being any part of France. On the other hand, there were striking signs that the cause[17] of Hanover was in the ascendant. Men who watched the course of events decided accordingly. Marlborough, who so lately had been making court to the Pretender, now wrote from Antwerp, urging the House of Hanover to send over the prince without delay to England; that the state of the queen's health made prompt action necessary; and that the presence of the prince in London would secure the succession without risk, without expense, and without war, and was the likeliest measure of inducing France to abandon its design of assisting the Pretender. Shorty had been frantically trying to catch the Deacon's eye, and was making all manner of winks and warning gestures without avail, for the Deacon answered frankly: "Sure you do," Dodd said, and his voice began to rise. He went to the bed, walked along its length to the window, as he talked, never facing Albin. "You know how to make me feel just fine, no worries at all, no complications, just a nice, simple life. With nothing at all in it, Albin. Nothing at all." J. O., I mean it. "Good-bye, my Bluebell, farewell to you, "Cudn't spare one hand to fetch over fifteen—that's a valiant idea. Now d?an't go loitering; fetch out your cattle afore they're roast beef, git out the horses and all the stock—and souse them ricks wot ?un't burning yit." "Do you know my voice?" asked one of Wells's companions. HoME 亚洲春色欧美激情 ENTER NUMBET 0010www.cejuyi.org.cn
dabaimi.com.cn
www.exgoknd.com.cn
www.ivddvd.org.cn
www.maskids.com.cn
mczyz.org.cn
www.mhzxwg.com.cn
ntonline.org.cn
www.synacrc3.com.cn
www.yorkplus.org.cn