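Oracle 12c Unified Auditing
Oracle Database 12c introduces a new audit architecture called unified auditing. Unified auditing relies on policies and conditions to audit selectively and efficiently inside the Oracle database. The new architecture consolidates the existing audit trails into a single audit trail, which simplifies management and improves the security of the audit data the database generates.
Audit policies enabled by default
Oracle 12c ships with several predefined audit policies. Query the audit_unified_enabled_policies view to see which unified audit policies are enabled by default.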
SQL> select USER_NAME,POLICY_NAME,ENABLED_OPT,SUCCESS,FAILURE from audit_unified_enabled_policies;
USER_NAME     POLICY_NAME        ENABLED SUC FAI
------------- ------------------ ------- --- ---
ALL USERS     ORA_SECURECONFIG   BY      YES YES
ALL USERS     ORA_LOGON_FAILURES BY      NO  YES
Disabling an audit policy
SQL> noaudit policy ORA_SECURECONFIG;
Noaudit succeeded.
Enabling an audit policy
SQL> audit policy ORA_SECURECONFIG;
Audit succeeded.
Creating a custom audit policy
CREATE AUDIT POLICY policy_name
{ {privilege_audit_clause [action_audit_clause ] [role_audit_clause ]}
| { action_audit_clause [role_audit_clause ] }
| { role_audit_clause }
}
[WHEN audit_condition EVALUATE PER {STATEMENT|SESSION|INSTANCE}]
[CONTAINER = {CURRENT | ALL}];
privilege_audit_clause :=
PRIVILEGES privilege1 [, privilege2]
action_audit_clause :=
{standard_actions | component_actions} [, component_actions ]
standard_actions :=
ACTIONS action1 [ ON {schema.obj_name | DIRECTORY directory_name | MINING MODEL schema.obj_name }] [, action2 [ ON {schema.obj_name | DIRECTORY directory_name | MINING MODEL schema.obj_name }]]
component_actions :=
ACTIONS COMPONENT=[OLS|XS] action1 [,action2 ] |
ACTIONS COMPONENT=DV DV_action ON DV_object_name |
ACTIONS COMPONENT=DATAPUMP [ EXPORT | IMPORT | ALL ] |
ACTIONS COMPONENT=DIRECT_LOAD [ LOAD | ALL ]
role_audit_clause := ROLES role1 [, role2]
WHEN 'audit_condition := function operation value_list'
EVALUATE PER {STATEMENT|SESSION|INSTANCE}
Example:
CREATE AUDIT POLICY table_pol
PRIVILEGES CREATE ANY TABLE, DROP ANY TABLE
ROLES emp_admin, sales_admin;
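
A policy created with CREATE AUDIT POLICY records nothing until it is enabled with AUDIT POLICY. The following added example (not from the original page) walks the full cycle for an action-based policy with a WHEN condition: create, enable, verify, read the trail, and remove. The names emp_dml_pol, hr.employees and HR_APP are hypothetical.

```sql
-- Added example; emp_dml_pol, hr.employees and HR_APP are hypothetical names.
-- Audit UPDATE and DELETE on one table, but only for sessions that are
-- NOT the application account, so routine application DML adds no records.
CREATE AUDIT POLICY emp_dml_pol
  ACTIONS UPDATE ON hr.employees,
          DELETE ON hr.employees
  WHEN 'SYS_CONTEXT(''USERENV'', ''SESSION_USER'') <> ''HR_APP'''
  EVALUATE PER SESSION;

-- Creating the policy does not activate it; enable it for all users,
-- for both successful and failed statements (the default).
AUDIT POLICY emp_dml_pol;

-- Confirm the policy now appears among the enabled policies.
SELECT user_name, policy_name, enabled_opt, success, failure
FROM   audit_unified_enabled_policies
WHERE  policy_name = 'EMP_DML_POL';

-- In 12c queued-write mode, records may still be in memory;
-- flush them before querying the trail (SQL*Plus EXEC syntax).
EXEC DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL;

-- Read the records this policy generated from the single unified trail.
SELECT event_timestamp,
       dbusername,
       action_name,
       object_schema,
       object_name,
       return_code,          -- 0 = success, otherwise the ORA- error number
       sql_text
FROM   unified_audit_trail
WHERE  unified_audit_policies LIKE '%EMP_DML_POL%'
ORDER  BY event_timestamp;

-- Removal: a policy must be disabled before it can be dropped.
NOAUDIT POLICY emp_dml_pol;
DROP AUDIT POLICY emp_dml_pol;
```

With EVALUATE PER SESSION the condition is checked once per session, so a change in the evaluated context value during a session does not change whether that session is audited.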