Next, create a new tablespace to hold the audit trail.CONN / AS SYSDBA SELECT table_name, tablespace_name FROM dba_tables WHERE table_name IN ('AUD$', 'FGA_LOG$') ORDER BY table_name; TABLE_NAME TABLESPACE_NAME ------------------------------ ------------------------------ AUD$ SYSTEM FGA_LOG$ SYSTEM SQL>
Then we move the standard audit trail to the new tablespace.CREATE TABLESPACE audit_aux DATAFILE '/u01/app/oracle/oradata/DB11G/audit_aux01.dbf' SIZE 1M AUTOEXTEND ON NEXT 1M;
Next we move the fine-grained audit trail.BEGIN DBMS_AUDIT_MGMT.set_audit_trail_location( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD, audit_trail_location_value => 'AUDIT_AUX'); END; / PL/SQL procedure successfully completed. SQL> -- Check locations. SELECT table_name, tablespace_name FROM dba_tables WHERE table_name IN ('AUD$', 'FGA_LOG$') ORDER BY table_name; TABLE_NAME TABLESPACE_NAME ------------------------------ ------------------------------ AUD$ AUDIT_AUX FGA_LOG$ SYSTEM SQL>
Finally, we move them both back to their original location in a single step.BEGIN DBMS_AUDIT_MGMT.set_audit_trail_location( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FGA_STD, audit_trail_location_value => 'AUDIT_AUX'); END; / PL/SQL procedure successfully completed. SQL> -- Check locations. SELECT table_name, tablespace_name FROM dba_tables WHERE table_name IN ('AUD$', 'FGA_LOG$') ORDER BY table_name; TABLE_NAME TABLESPACE_NAME ------------------------------ ------------------------------ AUD$ AUDIT_AUX FGA_LOG$ AUDIT_AUX SQL>
The AUDIT_AUX tablespace is no longer used so we can drop it.BEGIN DBMS_AUDIT_MGMT.set_audit_trail_location( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_DB_STD, audit_trail_location_value => 'SYSTEM'); END; / PL/SQL procedure successfully completed. SQL> -- Check locations. SELECT table_name, tablespace_name FROM dba_tables WHERE table_name IN ('AUD$', 'FGA_LOG$') ORDER BY table_name; TABLE_NAME TABLESPACE_NAME ------------------------------ ------------------------------ AUD$ SYSTEM FGA_LOG$ SYSTEM SQL>
The time it takes to move the audit trail tables depends on the amount of data currently in the audit trail tables, and the resources available on your system.DROP TABLESPACE audit_aux;
These defaults mean that OS and XML audit trail files will grow to a maximum of 10,000Kb, at which point a new file will be created. In addition, files older than 5 days will not be written to any more, even if they are below the maximum file size. Instead, a new file will be created and written to. Here are some examples of changing the settings.COLUMN parameter_name FORMAT A30 COLUMN parameter_value FORMAT A20 COLUMN audit_trail FORMAT A20 SELECT * FROM dba_audit_mgmt_config_params WHERE parameter_name LIKE 'AUDIT FILE MAX%'; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- AUDIT FILE MAX SIZE 10000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 5 XML AUDIT TRAIL SQL>
The CLEAR_AUDIT_TRAIL_PROPERTY procedure can be used to remove the size and age restrictions, or reset them to the default values. Setting the USE_DEFAULT_VALUES parameter value to FALSE removes the restrictions, while setting it to TRUE returns the restriction to the default value.-- Set the Maximum size of OS audit files to 15,000Kb. BEGIN DBMS_AUDIT_MGMT.set_audit_trail_property( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_OS, audit_trail_property => DBMS_AUDIT_MGMT.OS_FILE_MAX_SIZE, audit_trail_property_value => 15000); END; / SELECT * FROM dba_audit_mgmt_config_params WHERE parameter_name LIKE 'AUDIT FILE MAX%'; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- AUDIT FILE MAX SIZE 15000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 5 XML AUDIT TRAIL SQL> -- Set the Maximum age of XML audit files to 10 days. BEGIN DBMS_AUDIT_MGMT.set_audit_trail_property( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_XML, audit_trail_property => DBMS_AUDIT_MGMT.OS_FILE_MAX_AGE, audit_trail_property_value => 10); END; / SELECT * FROM dba_audit_mgmt_config_params WHERE parameter_name LIKE 'AUDIT FILE MAX%'; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- AUDIT FILE MAX SIZE 15000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 10 XML AUDIT TRAIL SQL>
-- Reset the max size default values for both OS and XML audit file. BEGIN DBMS_AUDIT_MGMT.clear_audit_trail_property( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FILES, audit_trail_property => DBMS_AUDIT_MGMT.OS_FILE_MAX_SIZE, use_default_values => TRUE ); END; / SELECT * FROM dba_audit_mgmt_config_params WHERE parameter_name LIKE 'AUDIT FILE MAX%'; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- AUDIT FILE MAX SIZE 10000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 10 XML AUDIT TRAIL SQL> -- Remove the max age restriction for both OS and XML audit file. BEGIN DBMS_AUDIT_MGMT.clear_audit_trail_property( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FILES, audit_trail_property => DBMS_AUDIT_MGMT.OS_FILE_MAX_AGE, use_default_values => FALSE ); END; / SELECT * FROM dba_audit_mgmt_config_params WHERE parameter_name LIKE 'AUDIT FILE MAX%'; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- AUDIT FILE MAX SIZE 10000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE NOT SET OS AUDIT TRAIL AUDIT FILE MAX AGE NOT SET XML AUDIT TRAIL SQL> -- Reset the max age default values for both OS and XML audit file. BEGIN DBMS_AUDIT_MGMT.clear_audit_trail_property( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_FILES, audit_trail_property => DBMS_AUDIT_MGMT.OS_FILE_MAX_AGE, use_default_values => TRUE ); END; / SELECT * FROM dba_audit_mgmt_config_params WHERE parameter_name LIKE 'AUDIT FILE MAX%'; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- AUDIT FILE MAX SIZE 10000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 5 XML AUDIT TRAIL SQL>
Notice that the 'DB AUDIT TABLESPACE' for the database audit trails are unchanged and the 'DEFAULT CLEAN UP INTERVAL' for all four audit trails has been set.COLUMN parameter_name FORMAT A30 COLUMN parameter_value FORMAT A20 COLUMN audit_trail FORMAT A20 SELECT * FROM dba_audit_mgmt_config_params; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- DB AUDIT TABLESPACE SYSTEM STANDARD AUDIT TRAIL DB AUDIT TABLESPACE SYSTEM FGA AUDIT TRAIL AUDIT FILE MAX SIZE 10000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 5 XML AUDIT TRAIL DB AUDIT CLEAN BATCH SIZE 10000 STANDARD AUDIT TRAIL DB AUDIT CLEAN BATCH SIZE 10000 FGA AUDIT TRAIL OS FILE CLEAN BATCH SIZE 1000 OS AUDIT TRAIL OS FILE CLEAN BATCH SIZE 1000 XML AUDIT TRAIL SQL> BEGIN DBMS_AUDIT_MGMT.init_cleanup( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL, default_cleanup_interval => 12 /* hours */); END; / PL/SQL procedure successfully completed. SQL> SELECT * FROM dba_audit_mgmt_config_params; PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- DB AUDIT TABLESPACE SYSTEM STANDARD AUDIT TRAIL DB AUDIT TABLESPACE SYSTEM FGA AUDIT TRAIL AUDIT FILE MAX SIZE 10000 OS AUDIT TRAIL AUDIT FILE MAX SIZE 10000 XML AUDIT TRAIL AUDIT FILE MAX AGE 5 OS AUDIT TRAIL AUDIT FILE MAX AGE 5 XML AUDIT TRAIL DB AUDIT CLEAN BATCH SIZE 10000 STANDARD AUDIT TRAIL DB AUDIT CLEAN BATCH SIZE 10000 FGA AUDIT TRAIL OS FILE CLEAN BATCH SIZE 1000 OS AUDIT TRAIL OS FILE CLEAN BATCH SIZE 1000 XML AUDIT TRAIL DEFAULT CLEAN UP INTERVAL 12 OS AUDIT TRAIL PARAMETER_NAME PARAMETER_VALUE AUDIT_TRAIL ------------------------------ -------------------- -------------------- DEFAULT CLEAN UP INTERVAL 12 STANDARD AUDIT TRAIL DEFAULT CLEAN UP INTERVAL 12 FGA AUDIT TRAIL DEFAULT CLEAN UP INTERVAL 12 XML AUDIT TRAIL
To deconfigure the audit management infrastructure run the DEINIT_CLEANUP procedure.SET SERVEROUTPUT ON BEGIN IF DBMS_AUDIT_MGMT.is_cleanup_initialized(DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD) THEN DBMS_OUTPUT.put_line('YES'); ELSE DBMS_OUTPUT.put_line('NO'); END IF; END; / YES PL/SQL procedure successfully completed. SQL>
BEGIN DBMS_AUDIT_MGMT.deinit_cleanup( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL); END; /
The timestamps for each audit trail can be cleared to allow a complete purge using the CLEAR_LAST_ARCHIVE_TIMESTAMP procedure.BEGIN DBMS_AUDIT_MGMT.set_last_archive_timestamp( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD, last_archive_time => SYSTIMESTAMP-5); END; / COLUMN audit_trail FORMAT A20 COLUMN last_archive_ts FORMAT A40 SELECT * FROM dba_audit_mgmt_last_arch_ts; AUDIT_TRAIL RAC_INSTANCE LAST_ARCHIVE_TS -------------------- ------------ ---------------------------------------- STANDARD AUDIT TRAIL 0 13-DEC-09 01.57.54.000000 PM +00:00 SQL>
BEGIN DBMS_AUDIT_MGMT.clear_last_archive_timestamp( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD); END; /
SELECT * FROM dba_audit_mgmt_last_arch_ts; AUDIT_TRAIL RAC_INSTANCE LAST_ARCHIVE_TS -------------------- ------------ ---------------------------------------- STANDARD AUDIT TRAIL 0 13-DEC-09 01.57.54.000000 PM +00:00 SQL> SELECT COUNT(*) FROM aud$; COUNT(*) ---------- 2438 SQL> BEGIN DBMS_AUDIT_MGMT.clean_audit_trail( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD, use_last_arch_timestamp => TRUE); END; / PL/SQL procedure successfully completed. SELECT COUNT(*) FROM aud$; COUNT(*) ---------- 76 SQL>
The job can be disabled and enabled using the SET_PURGE_JOB_STATUS procedure.BEGIN DBMS_AUDIT_MGMT.create_purge_job( audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL, audit_trail_purge_interval => 24 /* hours */, audit_trail_purge_name => 'PURGE_ALL_AUDIT_TRAILS', use_last_arch_timestamp => TRUE); END; / PL/SQL procedure successfully completed. SQL> SELECT job_action FROM dba_scheduler_jobs WHERE job_name = 'PURGE_ALL_AUDIT_TRAILS'; JOB_ACTION -------------------------------------------------------------------------------- BEGIN DBMS_AUDIT_MGMT.CLEAN_AUDIT_TRAIL(15, TRUE); END; SQL>
The interval of the purge job can be altered using the SET_PURGE_JOB_INTERVAL procedure.BEGIN DBMS_AUDIT_MGMT.set_purge_job_status( audit_trail_purge_name => 'PURGE_ALL_AUDIT_TRAILS', audit_trail_status_value => DBMS_AUDIT_MGMT.PURGE_JOB_DISABLE); DBMS_AUDIT_MGMT.set_purge_job_status( audit_trail_purge_name => 'PURGE_ALL_AUDIT_TRAILS', audit_trail_status_value => DBMS_AUDIT_MGMT.PURGE_JOB_ENABLE); END; /
Purge jobs are removed using the DROP_PURGE_JOB procedure.BEGIN DBMS_AUDIT_MGMT.SET_PURGE_JOB_INTERVAL( audit_trail_purge_name => 'PURGE_ALL_AUDIT_TRAILS', audit_trail_interval_value => 48); END; /
There are two things to note about the automated functionality.BEGIN DBMS_AUDIT_MGMT.drop_purge_job( audit_trail_purge_name => 'PURGE_ALL_AUDIT_TRAILS'); END; /
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/9466564/viewspace-706660/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/9466564/viewspace-706660/