SCADA如何将操作日志写入到oracle数据库中
1个回答
展开全部
The answer by the first respondent is totally wrong. ARCHIVELOG/NONARCHIVELOG has nothing to do with what you ask for. ARCHIVELOG/NONARCHIVELOG is about the recoverbility of the database, but what you want is "Auditing" in Oracle, which is about monitoring users' activities in database.
The auditing mechanism for Oracle is extremely flexible, so I'll only talk about performing full auditing on a single user.
1. Database server setup
To allow auditing on the server you must:
Set "audit_trail = true" in the init.ora file.
Run the $ORACLE_HOME/rdbms/admin/cataudit.sql script while connected as SYS.
2. Audit Options
Assuming that the "AAA" user is to be audited:
CONNECT sys/password AS SYSDBA
AUDIT ALL BY AAA BY ACCESS;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY AAA BY ACCESS;
AUDIT EXECUTE PROCEDURE BY AAA BY ACCESS;
These options audit all DDL and DML issued by "AAA", along with some system events.
DDL (CREATE, ALTER & DROP of objects)
DML (INSERT UPDATE, DELETE, SELECT, EXECUTE).
SYSTEM EVENTS (LOGON, LOGOFF etc.)
3. View Audit Trail
The audit trail is stored in the SYS.AUD$ table. It's contents can be viewed directly or via the following views:
DBA_AUDIT_EXISTS
DBA_AUDIT_OBJECT
DBA_AUDIT_SESSION
DBA_AUDIT_STATEMENT
DBA_AUDIT_TRAIL
DBA_OBJ_AUDIT_OPTS
DBA_PRIV_AUDIT_OPTS
DBA_STMT_AUDIT_OPTS
The audit trail contains a lot of data, but the following are most likely to be of interest:
Username: Oracle Username.
Terminal: Machine that the user performed the action from.
Timestamp: When the action occured.
Object Owner: The owner of the object that was interacted with.
Object Name: The name of the object that was interacted with.
Action Name: The action that occured against the object. (INSERT, UPDATE, DELETE, SELECT, EXECUTE)
4. Maintenance
The audit trail must be deleted/archived on a regular basis to prevent the SYS.AUD$ table growing to an unnacceptable size.
5. Security
Only DBAs should have maintenance access to the audit trail. Auditing modifications of the data in the audit trail itself can be achieved as follows:
AUDIT INSERT, UPDATE, DELETE ON sys.aud$ BY ACCESS;
The auditing mechanism for Oracle is extremely flexible, so I'll only talk about performing full auditing on a single user.
1. Database server setup
To allow auditing on the server you must:
Set "audit_trail = true" in the init.ora file.
Run the $ORACLE_HOME/rdbms/admin/cataudit.sql script while connected as SYS.
2. Audit Options
Assuming that the "AAA" user is to be audited:
CONNECT sys/password AS SYSDBA
AUDIT ALL BY AAA BY ACCESS;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY AAA BY ACCESS;
AUDIT EXECUTE PROCEDURE BY AAA BY ACCESS;
These options audit all DDL and DML issued by "AAA", along with some system events.
DDL (CREATE, ALTER & DROP of objects)
DML (INSERT UPDATE, DELETE, SELECT, EXECUTE).
SYSTEM EVENTS (LOGON, LOGOFF etc.)
3. View Audit Trail
The audit trail is stored in the SYS.AUD$ table. It's contents can be viewed directly or via the following views:
DBA_AUDIT_EXISTS
DBA_AUDIT_OBJECT
DBA_AUDIT_SESSION
DBA_AUDIT_STATEMENT
DBA_AUDIT_TRAIL
DBA_OBJ_AUDIT_OPTS
DBA_PRIV_AUDIT_OPTS
DBA_STMT_AUDIT_OPTS
The audit trail contains a lot of data, but the following are most likely to be of interest:
Username: Oracle Username.
Terminal: Machine that the user performed the action from.
Timestamp: When the action occured.
Object Owner: The owner of the object that was interacted with.
Object Name: The name of the object that was interacted with.
Action Name: The action that occured against the object. (INSERT, UPDATE, DELETE, SELECT, EXECUTE)
4. Maintenance
The audit trail must be deleted/archived on a regular basis to prevent the SYS.AUD$ table growing to an unnacceptable size.
5. Security
Only DBAs should have maintenance access to the audit trail. Auditing modifications of the data in the audit trail itself can be achieved as follows:
AUDIT INSERT, UPDATE, DELETE ON sys.aud$ BY ACCESS;
本回答由网友推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
