每次sysdba或者sysoper权限登录都会写入一个audit trail文件或者在现有的trail文件后面添加登录信息,而这个并不受audit_trail参数限制,audit_trail是显示是否启用审计和审计内容存储的具体位置 有关audit_sys_operations参数: AUDIT_SYS_OPERATIONS enables or disables the auditing of top-level operations,which are SQL statements directly issued by users when connecting with SYSDBA or SYSOPER privileges. (SQL statements run from within PL/SQL procedures or functions are not considered top-level.) The audit records are written to the operating system‘s audit trail. The audit records will be written in XML format if the AUDIT_TRAIL initialization parameter is set to xml or xml,extended. On UNIX platforms,if the AUDIT_SYSLOG_LEVEL parameter has also been set,then it overrides the AUDIT_TRAIL parameter and SYS audit records are written to the system audit log using the SYSLOG utility. 该参数默认为false,但是sysdba和sysoper登录还是会记录audit到相应的audit trail文件的,只是不记录之后sysdba操作的信息,而如果设置true,还会记录之后sysdba或者sysoper操作记录到audit trail中。 可以关闭审计,但是sysdba或者sysoper登录记录audit trail却无法禁掉。
?
整理自:https://blog.csdn.net/zhaoyangjian724/article/details/50637409
(编辑:李大同)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|