Oracle provides an audit tool for tracking, recording, and counting all aspects of database activities! -- Sqlserver does not seem to have this function yet!
Oracle audit functions
- Initialized parameter control: built-in Database Audit
- Detailed audit of tables and views provided by dbms_fga
- Trigger implementation: Powerful, complex, and flexible application Audit
The following describes the built-in audit function of the database.
By default, Oracle does not enable the database audit function. Oracle only records the basic activities of the database. You can view the audit record chat in the Windows event viewer. The information provided at this time is required by common Windows Services. There is no active Oracle auditing work in it. (At this time, Oracle records basic activities in the desired logs: errors, tracking, background, users, etc)
- Audit_sys_operations = {false (default: Audit of privileged users is not enabled) |True}
- Audit_trail = {none (default: normal user audit not enabled) | OS |DB| Db_extended | XML | xml_extended}
Set Audit audit: requires the audit system and audit any permissions.
- Audit{All|Sqlstatment ....}[By{All users |User ....|Proxy ....}] [By{Session|Access}] [Whenever{All|Successful|Not successful}]
-
- Audit{All privileges|Role ....|System_privileges....}[By{All users |User.... |Proxy ....}][{Session|Access}] [Whenever {All| Successful | not successful}]
- Audit{All|Object_options ....}On{Default|DirectoryDirectory_name|[Schema.] Object}[{Session|Access}] [whenever {All| Successful | not successful}]
-
- AuditNetwork [{Session| Access}] [whenever {All| Successful | not successful}]
-
- Note: Only object audits take effect immediately. Other audits only take effect for future sessions!
Stop audit noaudit: The permission requirement is the same as that of audit, and the definition form is the same-[By {session | access}] sub-Definition
Note: noaudit and can only cancel the same previously defined audit statements,All or specified classes will not be canceled, and other audit will continue.
Audit recommendations
- By access can audit every execution. For DML, it is inappropriate for by session to record only one audit record for the same DML statement in the same session!
- By user can audit only one or more users, which is more practical
Query audit information: dba_audit_trail dictionary table. Audit discipline records are in the SYS. AUD $ fixed table. You can query the dba_audit_trail data dictionary table to obtain information.
- Dba_audit_xxx: record details for review
- Dba_stmt_audit_opts: Statement Audit settings
- Dba_priv_audit_opts: Permission audit settings
- Dba_obj_audit_opts: Object audit settings