BRIEF about AUDIT
Auditing is the monitoring and recording of selected user database actions. To perform auditing, you must be granted the appropriate system privileges
privillages
****************
AUDIT_ADMIN
ADDIT_VIEWER
2WAYS of AUDIT
*****************
SESSION
ACCESS-----STATEMENT LEVEL
AUDIT ALL BY <username> BY ACCESS WHENEVER SUCCESSFUL/NOT SUCCESSFULL;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY <username> BY ACCESS WHENEVER SUCCESSFUL/NOT SUCCESSFULL;
AUDIT EXECUTE PROCEDURE BY <username> BY ACCESS WHENEVER SUCCESSFUL/NOT SUCCESSFULL;
note:By ACCESS and WHENEVER SUCCESSFUL/NOT SUCCESSFULL is optional
CHECK audit is enabled/not
************************
sqlplus / as sysdba
show parameter audit
AUDIT PARAMETERS
*******************
Audit_TRAIL = NONE/DB/OS/XML/DB_EXTENDED/XML_EXTENDED
Audit_file_dest = <path audit destination>
Audit_sys_operations = TRUE/FALSE
to chage these parameters follow this
ALTER SYSTEM SET Audit_TRAIL = < NONE/DB/OS/XML/DB_EXTENDED/XML_EXTENDED > SCOPE=BOTH/SPFILE/PFILE;
ALTER SYSTEM SET Audit_file_dest = < path where u want audit files > SCOPE=BOTH/SPFILE/PFILE
ALTER SYSTEM SET Audit_sys_operations = TRUE/FALSE SCOPE=BOTH/SPFILE/PFILE
NOTE:when ever chaged the audit parameters u need to RESTART the DB
enable audit
***************
ALTER SYSTEM SET audit_sys_operations=TRUE COMMENT='Begin auditing SYS' SCOPE=BOTH;
Audit VIEWS
*************
DBA_AUDIT_TRAIL--------------------view to check the auditing
AUD$-------------------------------------view
DBA_AUDIT_EXISTS
DBA_AUDIT_OBJECT
DBA_AUDIT_POLICIES
DBA_AUDIT_POLICY_COLUMNS
DBA_AUDIT_SESSION
DBA_AUDIT_STATEMENT
DBA_COMMON_AUDIT_TRAIL
DBA_FGA_AUDIT_TRAIL
DBA_OBJ_AUDIT_OPTS
DBA_PRIV_AUDIT_OPTS
DBA_REPAUDIT_ATTRIBUTE
DBA_REPAUDIT_COLUMN
DBA_STMT_AUDIT_OPTS
Auditing is the monitoring and recording of selected user database actions. To perform auditing, you must be granted the appropriate system privileges
privillages
****************
AUDIT_ADMIN
ADDIT_VIEWER
2WAYS of AUDIT
*****************
SESSION
ACCESS-----STATEMENT LEVEL
AUDIT ALL BY <username> BY ACCESS WHENEVER SUCCESSFUL/NOT SUCCESSFULL;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY <username> BY ACCESS WHENEVER SUCCESSFUL/NOT SUCCESSFULL;
AUDIT EXECUTE PROCEDURE BY <username> BY ACCESS WHENEVER SUCCESSFUL/NOT SUCCESSFULL;
note:By ACCESS and WHENEVER SUCCESSFUL/NOT SUCCESSFULL is optional
CHECK audit is enabled/not
************************
sqlplus / as sysdba
show parameter audit
AUDIT PARAMETERS
*******************
Audit_TRAIL = NONE/DB/OS/XML/DB_EXTENDED/XML_EXTENDED
Audit_file_dest = <path audit destination>
Audit_sys_operations = TRUE/FALSE
to chage these parameters follow this
ALTER SYSTEM SET Audit_TRAIL = < NONE/DB/OS/XML/DB_EXTENDED/XML_EXTENDED > SCOPE=BOTH/SPFILE/PFILE;
ALTER SYSTEM SET Audit_file_dest = < path where u want audit files > SCOPE=BOTH/SPFILE/PFILE
ALTER SYSTEM SET Audit_sys_operations = TRUE/FALSE SCOPE=BOTH/SPFILE/PFILE
NOTE:when ever chaged the audit parameters u need to RESTART the DB
enable audit
***************
ALTER SYSTEM SET audit_sys_operations=TRUE COMMENT='Begin auditing SYS' SCOPE=BOTH;
Audit VIEWS
*************
DBA_AUDIT_TRAIL--------------------view to check the auditing
AUD$-------------------------------------view
DBA_AUDIT_EXISTS
DBA_AUDIT_OBJECT
DBA_AUDIT_POLICIES
DBA_AUDIT_POLICY_COLUMNS
DBA_AUDIT_SESSION
DBA_AUDIT_STATEMENT
DBA_COMMON_AUDIT_TRAIL
DBA_FGA_AUDIT_TRAIL
DBA_OBJ_AUDIT_OPTS
DBA_PRIV_AUDIT_OPTS
DBA_REPAUDIT_ATTRIBUTE
DBA_REPAUDIT_COLUMN
DBA_STMT_AUDIT_OPTS
No comments:
Post a Comment