DB开了AUDIT,DBA_AUDIT_TRAIL中没有AUDIT记录
数据库版本:SQL> select * from v$version;
BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - 64bit Production
PL/SQL Release 11.1.0.6.0 - Production
CORE 11.1.0.6.0 Production
TNS for Linux: Version 11.1.0.6.0 - Production
NLSRTL Version 11.1.0.6.0 - Production
AUDIT参数:
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest string /home/oracle/app/oracle/admin/
orcl/adump
audit_sys_operations boolean FALSE
audit_syslog_level string
audit_trail string DB
AUDIT DELETE操作:
SQL> audit delete table by capsa_bdcrpt;
Audit succeeded.
SQL> audit delete table;
Audit succeeded.
这样在DBA_AUDIT_TRAIL查不到AUDIT的记录,
但是如果用 AUDIT DELETE on capsa_bdcrpt.etl_log就能在DBA_AUDIT_TRAIL中查到AUDIT记录。
请老大们帮忙! 本帖最后由 anbob 于 2013-12-24 13:43 编辑
take a example
take a example
anbob@ORA11204>create table tt(id int);
anbob@ORA11204>insert into tt values(1);
anbob@ORA11204>commit;
anbob@ORA11204>audit delete table by anbob by access;
anbob@ORA11204>delete tt where id=1;
anbob@ORA11204>commit;
anbob@ORA11204> select username, TIMESTAMP,owner,obj_name,ACTION_NAME from dba_audit_trail
where timestamp>sysdate-1;
USERNAME TIMESTAMP OWNER OBJ_NAME ACTION_NAME
---------------- --------- ---------- ----------------- ----------------------------
ANBOB 24-DEC-13 LOGON
ANBOB 24-DEC-13 SYSTEM AUDIT
anbob@ORA11204>audit delete table by system by access;
Audit succeeded.
system@ORA11204>insert into anbob.tt values(1);
system@ORA11204>commit;
system@ORA11204>delete anbob.tt;
system@ORA11204> select username, TIMESTAMP,owner,obj_name,ACTION_NAME from dba_audit_trail where timestamp>sysdate-1;
USERNAME TIMESTAMP OWNER OBJ_NAME ACTION_NAME
--------------- --------- -------------- ------------- ----------------
SYSTEM 24-DEC-13 ANBOB TT DELETE
SYSTEM 24-DEC-13 LOGON
ANBOB 24-DEC-13 LOGON
...-- had truncated
system@ORA11204>conn anbob/anbob
Connected.
anbob@ORA11204>insert into anbob.tt values(1);
anbob@ORA11204>audit delete anytable by anbob by access;
anbob@ORA11204>delete anbob.tt;
anbob@ORA11204> select username, TIMESTAMP,owner,obj_name,ACTION_NAME from dba_audit_trail
where timestamp>sysdate-1 order by 2;
USERNAME TIMESTAMP OWNER OBJ_NAME ACTION_NAME
--------------- ------------------- ------------- --------------- ------------------
...
SYSTEM 2013-12-24 13:16:55 LOGON
SYSTEM 2013-12-24 13:17:23 ANBOB TT DELETE
ANBOB 2013-12-24 13:17:38 LOGON
SYSTEM 2013-12-24 13:17:38 LOGOFF
ANBOB 2013-12-24 13:17:58 SYSTEM AUDIT
ANBOB 2013-12-24 13:18:09 ANBOB TT DELETE
页:
[1]