版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/leo__1990/article/details/90199263

概念

Oracle Data Pump commands can now be audited. This provides more complete auditing of operations performed against the database.

现在可以对Oracle数据泵的命令进行审计。这为对数据库执行的操作提供了更完整的审计。

About Auditing Oracle Data Pump Events

The CREATE AUDIT POLICY statement COMPONENT clause must be set to DATAPUMP to create Oracle Data Pump unified audit policies.

You can audit Data Pump export (expdp) and import (impdp) operations.

As with all unified auditing, you must have the AUDIT_ADMIN role before you can audit Oracle Data Pump events.

To access the audit trail, query the UNIFIED_AUDIT_TRAIL data dictionary view. The Data Pump-specific columns in this view begin with DP_.

创建审计策略语句组件子句必须设置为DATAPUMP创建Oracle数据泵统一审计策略。

您可以审核数据泵导出(expdp)和导入(impdp)操作。

与所有的统一审计一样,在审计Oracle数据泵事件之前,必须有AUDIT_ADMIN角色。

要访问审计跟踪,请查询UNIFIED_AUDIT_TRAIL数据字典视图。这个视图中的数据泵特定的列从DP_开始。

Configuring a Unified Audit Policy for Oracle Data Pump

The ACTIONS COMPONENT clause in the CREATE AUDIT POLICY statement can be used to create an Oracle Data Pump event unified audit policy.

	Use the following syntax to create a unified audit policy for Oracle Data Pump:

		CREATE AUDIT POLICY policy_name

		ACTIONS COMPONENT=DATAPUMP { EXPORT | IMPORT | ALL };

实验

1) 当该策略应用于用户时,他们的数据泵工作将出现在审计跟踪中。以下政策审核所有数据泵操作。该策略应用于test用户。

SQL> conn test/test@pdbcndba

Connected.

SQL>  CREATE AUDIT POLICY audit_dp_all_policy ACTIONS COMPONENT=DATAPUMP ALL;

Audit policy created.

SQL> AUDIT POLICY audit_dp_all_policy BY test; 

Audit succeeded.

2)运行以下数据泵命令

[oracle@host1 ~]$ expdp test/test@pdbcndba DIRECTORY=dpump_dir1 DUMPFILE=expdat.dmp logfile=expdat.log tables=leo2 LOGTIME=ALL

Export: Release 12.1.0.2.0 - Production on Sat Aug 5 18:03:39 2017

Copyright (c) 1982, 2014, Oracle and/or its affiliates.  All rights reserved.

Connected to: Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production

With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options

05-AUG-17 18:03:41.234: Starting "TEST"."SYS_EXPORT_TABLE_01":  test/********@pdbcndba DIRECTORY=dpump_dir1 DUMPFILE=expdat.dmp logfile=expdat.log tables=leo2 LOGTIME=ALL

05-AUG-17 18:03:41.572: Estimate in progress using BLOCKS method...

05-AUG-17 18:03:42.228: Processing object type TABLE_EXPORT/TABLE/TABLE_DATA

05-AUG-17 18:03:42.261: Total estimation using BLOCKS method: 72 MB

05-AUG-17 18:03:44.340: Processing object type TABLE_EXPORT/TABLE/TABLE

05-AUG-17 18:03:44.750: Processing object type TABLE_EXPORT/TABLE/STATISTICS/TABLE_STATISTICS

05-AUG-17 18:03:44.787: Processing object type TABLE_EXPORT/TABLE/STATISTICS/MARKER

05-AUG-17 18:03:48.157: . . exported "TEST"."LEO2"                               831.3 KB    6886 rows

05-AUG-17 18:03:48.358: Master table "TEST"."SYS_EXPORT_TABLE_01" successfully loaded/unloaded

05-AUG-17 18:03:48.358: ******************************************************************************

05-AUG-17 18:03:48.359: Dump file set for TEST.SYS_EXPORT_TABLE_01 is:

05-AUG-17 18:03:48.364:   /backup/expdat.dmp

05-AUG-17 18:03:48.376: Job "TEST"."SYS_EXPORT_TABLE_01" successfully completed at Sat Aug 5 18:03:48 2017 elapsed 0 00:00:08

3)检查审计跟踪显示数据泵工作被审计。

SQL> conn test/test@pdbcndba

Connected.

SQL> EXEC DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL;

PL/SQL procedure successfully completed.

SQL> SET LINESIZE 200

SQL> COLUMN event_timestamp FORMAT A30

SQL> COLUMN dp_text_parameters1 FORMAT A30

SQL> COLUMN dp_boolean_parameters1 FORMAT A30

SQL> SELECT event_timestamp,

       dp_text_parameters1,

       dp_boolean_parameters1

FROM   unified_audit_trail

WHERE  audit_type = 'Datapump';

EVENT_TIMESTAMP 	       	DP_TEXT_PARAMETERS1	       DP_BOOLEAN_PARAMETERS1

------------------------------ 	------------------------------ ------------------------------

05-AUG-17 06.03.41.553994 PM   	MASTER TABLE:  "TEST"."SYS_EXP MASTER_ONLY: FALSE, DATA_ONLY:

				ORT_TABLE_01" , JOB_TYPE: EXPO  FALSE, METADATA_ONLY: FALSE,

				RT, METADATA_JOB_MODE: TABLE_E DUMPFILE_PRESENT: TRUE, JOB_RE

				XPORT, JOB VERSION: 12.1.0.2.0 STARTED: FALSE

			        , ACCESS METHOD: AUTOMATIC, DA

				TA OPTIONS: 0, DUMPER DIRECTOR

				Y: NULL	REMOTE LINK: NULL, TA

				BLE EXISTS: NULL, PARTITION OP

				TIONS: NONE

最新文章

  1. iOS cocoapods升级及问题
  2. Web Service 中返回DataSet结果大小改进
  3. JDBC的使用(二):PreparedStatement接口;ResultSet接口(获取结果集);例题:SQL注入
  4. 服务器由于redis未授权漏洞被攻击
  5. C语言 队列 链式结构 实现
  6. DB2数据库管理最佳实践(1)
  7. 【ibatis】cachemodel、属性 及特殊配置
  8. 在VS中手工创建一个最简单的WPF程序
  9. 版本控制工具git入门
  10. Poj 2255 Tree Recovery(二叉搜索树)
  11. ARM指令集中经常使用的存储和载入指令
  12. Spark GraphX快速入门
  13. 编写高质量代码:改善Java程序的151个建议 --[36~51]
  14. Web —— 在自己电脑搭建网站,发布到公网,并使用域名访问
  15. vue2.0 之文本渲染-v-html、v-text
  16. Java知识点ArrayList
  17. metasploit framework(二):记一次入侵
  18. Oracle中append与Nologging
  19. php后台管理员权限相关表结构
  20. Android控件显示和隐藏

热门文章

  1. oracle批量操作
  2. mqtt服务搭建(emqx,原emq)
  3. 在线研讨会预热 | 基于ASPICE&CNAS的单元测试介绍
  4. 团队作业Beta冲刺--第二天
  5. 3. 控制反转(IoC)和依赖注入(DI)
  6. 浅谈JS高阶函数
  7. Nutch2.1+solr3.6.1+mysql5.6问题
  8. vue的组件名称问题
  9. YAML_12 批量创建用户,分别设置用户组
  10. salt state.sls windows 传输文件