Oracle 10g初始化参数AUDIT_TRAIL变化(二)
在9i中,初始化参数AUDIT_TRAIL只有NONE、DB和OS三个可选值,而在10g中,Oracle又增加了几个新的选项。
这篇介绍EXTEND选项。
当前数据库的设置为:
SQL> show parameter audit_trail
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_trail string XML
检查一下这种情况下对SQL语句和绑定变量的支持:
SQL> var v_id number
SQL> exec :v_id := 1
PL/SQL procedure successfully completed.
SQL> audit select on t_audit;
Audit succeeded.
SQL> select * from t_audit where id = :v_id;
no rows selected
查询V$XML_AUDIT_TRAIL视图:
SQL> select db_user, object_name, sql_text, sql_bind
2 from v$xml_audit_trail;
DB_USER OBJECT_NAME SQL_TEXT SQL_BIND
-------- ------------ -------------------------------------------------- ----------
/ CONNECT
/ CONNECT
/ CONNECT
TEST T_AUDIT
TEST T_AUDIT
对于新执行的SELECT语句,看不到SQL语句和绑定变量,下面设置AUDIT_TRAIL参数为XML, EXTENDED:
SQL> conn / as sysdba
Connected.
SQL> alter system set audit_trail = xml, extended scope = spfile;
System altered.
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup
ORACLE instance started.
Total System Global Area 2147483648 bytes
Fixed Size 2074112 bytes
Variable Size 486541824 bytes
Database Buffers 1644167168 bytes
Redo Buffers 14700544 bytes
Database mounted.
Database opened.
下面执行同样的查询语句:
SQL> conn test/test
Connected.
SQL> select * from t_audit where id = :v_id;
no rows selected
SQL> select db_user, object_name, sql_text, sql_bind
2 from v$xml_audit_trail;
DB_USER OBJECT_NAME SQL_TEXT SQL_BIND
-------- ------------ -------------------------------------------------- ----------
/ CONNECT
/ CONNECT
/ CONNECT
/ SHUTDOWN
/ CONNECT
TEST T_AUDIT
TEST T_AUDIT
TEST T_AUDIT select * from t_audit where id = :v_id #1(1):1
8 rows selected.
可以看到,设置了AUDIT_TRAIL为XML, EXTENDED参数后,数据库不仅记录下复合AUDIT条件的SQL语句,设置还会记录SQL语句中使用的绑定变量。
不过需要注意的是,这种审计同时也存在暴露敏感SQL语句以及敏感数据的潜在危险,同时记录SQL语句和绑定变量势必增加额外的开销,因此这个选项应该只在需要的时候打开。
oracle视频教程请关注:http://u.youku.com/user_video/id_UMzAzMjkxMjE2.html