--审计 --1.system privilege 系统权限审计 --查询有哪些系统权限供审计 SELECT * FROM System_Privilege_Map; --审计记录保存于该视图,源于aud$系统表,要删除历史审计记录可以删除aud$表 SELECT * FROM DBA_AUDIT_TRAIL ORDER BY TIMESTAMP DESC; --查看已经配置的权限审计 SELECT * FROM Dba_Priv_Audit_Opts; AUDIT CREATE SESSION BY scott BY ACCESS; --即使是设置为by session还是默认为by access AUDIT DROP ANY TABLE BY SESSION WHENEVER SUCCESSFUL; --2.object privilege, 默认by session --查看配置的审计对象权限 SELECT * FROM Dba_Obj_Audit_Opts; AUDIT DELETE ON SCOTT.TEMP1 BY ACCESS; AUDIT SELECT ON SCOTT.TEMP1 BY ACCESS; --不审计 NOAUDIT TABLE ... BY <USERNAME> --使用sys用户以外的其他用户登录并进行操作 SELECT * FROM TEMP1; --删除审计记录 DELETE from aud$; --3.语句审计 --4.细粒度审计FGA BEGIN dbms_fga.add_policy(object_schema => 'SCOTT', policy_name => 'scott_temp1_select', object_name => 'TEMP1', statement_types => 'SELECT'); END; / --查看定义的 SELECT * FROM DBA_AUDIT_POLICIES; --查看记录 SELECT * FROM DBA_FGA_AUDIT_TRAIL; SELECT * FROM SCOTT.TEMP1; --审计记录(包含审计的类型,session_id等) SELECT * FROM dba_common_audit_trail;