oracle 11g开审计 文件过大怎么管理
Oracle 的审计实在是鸡肋,审计日志增加猛速,而且加大系统负荷,降低系统性能。
成都创新互联公司长期为1000多家客户提供的网站建设服务,团队从业经验10年,关注不同地域、不同群体,并针对不同对象提供差异化的产品和服务;打造开放共赢平台,与合作伙伴共同营造健康的互联网生态环境。为西湖企业提供专业的网站建设、成都网站建设,西湖网站改版等技术服务。拥有十载丰富建站经验和众多成功案例,为您定制开发。
依我们在生产系统的作法就是禁用审计,禁用后清除审计日志。
处理方法:
1、查看审计功能是否开启
sqlplus "/as sysdba"
SQL show parameter audit;
NAME TYPE VALUE
-------------------- ------- --------------------------------
audit_file_dest string /u01/app/oracle/admin/ORCL/adump
audit_sys_operations boolean TRUE
audit_syslog_level string
audit_trail string DB
说明:表明审计功能为开启的状态
2、关闭oracle的审计功能
SQL alter system set audit_sys_operations=FALSE scope=spfile;
System altered.
SQL alter system set audit_trail=NONE scope=spfile;
System altered.
3、重启数据库
SQL shutdown immediate;
SQL startup;
4、验证审计是否已经被关闭
SQL show parameter audit;
NAME TYPE VALUE
-------------------- ------- --------------------------------
audit_file_dest string /u01/app/oracle/admin/ORCL/adump
audit_sys_operations boolean FALSE
audit_syslog_level string
audit_trail string NONE
说明:表明审计功能为关闭的状态
5、清空审计表数据
SQL truncate table SYS.AUD$;
请问oracle审计功能如何实现启动关闭功能?
真细说起来比较多,如果审计普通用户,google audit_trail,如果审计DBA用户google audit_sys_operations
如何开启和关闭oracle数据库中的审计功能
二、审计可以分为3类。
或者说,可以从3种角度去启用审计。
1、语句审计(Statement Auditing)。
对预先指定的某些SQL语句进行审计。这里从SQL语句的角度出发,进行指定。审计只关心执行的语句。
例如,audit CREATE TABLE;命令,就表明对"create table"语句的执行进行记录。 不管这语句是否是针对某个对象的操作
2、权限审计(Privilege Auditing)
对涉及某些权限的操作进行审计。这里强调“涉及权限”
例如,audit CREATE TABLE;命令,又可以表明对涉及“CREATE TABLE”权限的操作进行审计。
所以说,在这种命令的情况下,既产生一个语句审计,又产生了一个权限审计。
有时候“语句审计”和“敞氦搬教植寄邦犀鲍篓权限审计”的相互重复的。这一点可以后面证明。
3、对象审计(Object Auditing)。 记录作用在指定对象上的操作。
如何关闭Oracle11g数据库的审计功能?
在oracle11g中,数据库的审计功能是默认开启的(这和oracle10g的不一样,10g默认是关闭的),\x0d\x0aoracle11gR2的官方文档上写的是错的,当上说default是none,而且是审计到DB级别的,这样就会\x0d\x0a往aud$表里记录统计信息。\x0d\x0a \x0d\x0a1.如果审计不是必须的,可以关掉审计功能;\x0d\x0a\x0d\x0aSQL show parameter audit_trail;\x0d\x0a\x0d\x0aNAME TYPE VALUE\x0d\x0a------------------------------------ ----------- ------------------------------\x0d\x0aaudit_trail string DB\x0d\x0a\x0d\x0aSQL alter system set audit_trail=none scope=spfile;\x0d\x0aSQL shut immediate;\x0d\x0aSQLstartup\x0d\x0a2.删除已有的审计信息\x0d\x0a可以直接truncate表aud$,\x0d\x0atruncate table SYS.AUD$;\x0d\x0a\x0d\x0a3.或者将aud$表移到另外一个表空间下,以减少system表空间的压力和被撑爆的风险。\x0d\x0a \x0d\x0a附:11g中有关audit_trail参数的设置说明:\x0d\x0aAUDIT_TRAIL\x0d\x0aProperty Description\x0d\x0aParameter type String\x0d\x0aSyntaxAUDIT_TRAIL = { none | os | db [, extended] | xml [, extended] }\x0d\x0aDefault valuenone\x0d\x0aModifiable No\x0d\x0aBasic No\x0d\x0aAUDIT_TRAIL enables or disables database auditing.\x0d\x0aValues:\x0d\x0anone\x0d\x0aDisables standard auditing. This value is the default if the AUDIT_TRAIL parameter was not set \x0d\x0ain the initialization parameter file or if you created the database using a method other than \x0d\x0aDatabase Configuration Assistant. If you created the database using Database Configuration \x0d\x0aAssistant, then the default is db.\x0d\x0aos\x0d\x0aDirects all audit records to an operating system file. Oracle recommends that you use the os \x0d\x0asetting, particularly if you are using an ultra-secure database configuration.\x0d\x0adb\x0d\x0aDirects audit records to the database audit trail (the SYS.AUD$ table), except for records \x0d\x0athat are always written to the operating system audit trail. Use this setting for a general \x0d\x0adatabase for manageability.\x0d\x0aIf the database was started in read-only mode with AUDIT_TRAIL set to db, then Oracle Database \x0d\x0ainternally sets AUDIT_TRAIL to os. Check the alert log for details.\x0d\x0adb, extended\x0d\x0aPerforms all actions of AUDIT_TRAIL=db, and also populates the SQL bind and SQL text CLOB-type \x0d\x0acolumns of the SYS.AUD$ table, when available. These two columns are populated only when this \x0d\x0aparameter is specified.\x0d\x0aIf the database was started in read-only mode with AUDIT_TRAIL set to db, extended, then Oracle \x0d\x0aDatabase internally sets AUDIT_TRAIL to os. Check the alert log for details.\x0d\x0axml\x0d\x0aWrites to the operating system audit record file in XML format. Records all elements of the \x0d\x0aAuditRecord node except Sql_Text and Sql_Bind to the operating system XML audit file.\x0d\x0axml, extended\x0d\x0aPerforms all actions of AUDIT_TRAIL=xml, and populates the SQL bind and SQL text CLOB-type columns\x0d\x0a of the SYS.AUD$ table, wherever possible. These columns are populated only when this parameter \x0d\x0ais specified.\x0d\x0aYou can use the SQL AUDIT statement to set auditing options regardless of the setting of this \x0d\x0aparameter.
oracle rac如何关闭grid数据库审计
aix平台上,从 rac 环境 tar 过来的oracle软件,直接解包到新机器上,目标环境是单机,则需要关闭 rac 选项。
1. Login as the Oracle software owner and shutdown all database instances on all nodes in the cluster.
网站名称:oracle怎么关审计,oracle查看审计策略
浏览路径:http://lswzjz.com/article/hecees.html