审计策略ORA_SECURECONFIG

简介: oracle里默认激活的审计策略只有两个ORA_SECURECONFIG和ORA_LOGON_FAILURES,其中ORA_SECURECONFIG这个审计策略记录的信息较多

oracle里默认激活的审计策略只有两个ORA_SECURECONFIG和ORA_LOGON_FAILURES,其中ORA_SECURECONFIG这个审计策略记录的信息较多


CREATE AUDIT POLICY ORA_SECURECONFIG
 PRIVILEGES ALTER ANY TABLE, CREATE ANY TABLE, DROP ANY TABLE,
            CREATE ANY PROCEDURE, DROP ANY PROCEDURE, ALTER ANY PROCEDURE, 
            GRANT ANY PRIVILEGE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY ROLE, 
            AUDIT SYSTEM, CREATE EXTERNAL JOB, CREATE ANY JOB, 
            CREATE ANY LIBRARY, 
            EXEMPT ACCESS POLICY, 
            CREATE USER, DROP USER, 
            ALTER DATABASE, ALTER SYSTEM, 
            CREATE PUBLIC SYNONYM, DROP PUBLIC SYNONYM, 
            CREATE SQL TRANSLATION PROFILE, CREATE ANY SQL TRANSLATION PROFILE, 
            DROP ANY SQL TRANSLATION PROFILE, ALTER ANY SQL TRANSLATION PROFILE, 
            TRANSLATE ANY SQL, 
            EXEMPT REDACTION POLICY,  
            PURGE DBA_RECYCLEBIN, LOGMINING, 
            ADMINISTER KEY MANAGEMENT
 ACTIONS    ALTER USER, CREATE ROLE, ALTER ROLE, DROP ROLE,
            SET ROLE, CREATE PROFILE, ALTER PROFILE, 
            DROP PROFILE, CREATE DATABASE LINK, 
            ALTER DATABASE LINK, DROP DATABASE LINK, 
            CREATE DIRECTORY, DROP DIRECTORY, 
            CREATE PLUGGABLE DATABASE,  
            DROP PLUGGABLE DATABASE, 
            ALTER PLUGGABLE DATABASE, 
            EXECUTE ON DBMS_RLS;


查询默认激活的审计策略只有两个ORA_SECURECONFIG和ORA_LOGON_FAILURES。

SQL> select * from AUDIT_UNIFIED_ENABLED_POLICIES;
POLICY_NAME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ENABLED_OPTION
------------------------------
ENTITY_NAME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ENTITY_TYPE    SUCCES FAILUR
-------------- ------ ------
ORA_SECURECONFIG
BY USER
ALL USERS
USER        YES    YES
POLICY_NAME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ENABLED_OPTION
------------------------------
ENTITY_NAME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ENTITY_TYPE    SUCCES FAILUR
-------------- ------ ------
ORA_LOGON_FAILURES
BY USER
ALL USERS
USER        NO     YES



取消此项audit

SQL>  noaudit policy ora_secureconfig;
Noaudit succeeded.
SQL> select * from AUDIT_UNIFIED_ENABLED_POLICIES;
POLICY_NAME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ENABLED_OPTION
------------------------------
ENTITY_NAME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ENTITY_TYPE    SUCCES FAILUR
-------------- ------ ------
ORA_LOGON_FAILURES
BY USER
ALL USERS
USER        NO     YES


相关文章
|
SQL Oracle 关系型数据库
|
XML Oracle 关系型数据库
|
Oracle 关系型数据库 数据库
|
SQL Oracle 关系型数据库
|
安全 关系型数据库 Oracle
ORACLE 安全访问策略VPD与ORA-28132
                                                                                                                                    ...
1164 0
|
Oracle 关系型数据库 数据库管理
ORACLE 系统用户角色故障导致ORA-01017
最近在为Oracle单实例配置ASM时,做了一些调整,结果导致sys用户无法以操作系统身份验证登陆,即提示ORA-01017错误。
1243 0