dbms_fga

官方文档的pl/sql packages写的比较清楚，这里翻译一下

begin   
DBMS_FGA.ADD_POLICY (
   object_schema      =>  'HR',object_name        =>  'EMPLOYEES',policy_name        =>  'mypolicy1',audit_condition    =>  'salary<10500 or manager_id<100',audit_column       =>  'salary,manager_id',handler_schema     =>   NULL,handler_module     =>   NULL,enable             =>   TRUE,statement_types    =>  'INSERT,UPDATE,SELECT',audit_trail        =>   DBMS_FGA.DB + DBMS_FGA.EXTENDED,audit_column_opts  =>   DBMS_FGA.ALL_COLUMNS);    
end;

缺省值表：

其中：
audit_trail：
Setting audit_trail to DBMS_FGA.DB sends the audit trail to the SYS.FGA_LOG$ table in the database and omits SQL Text and SQL Bind.
Setting audit_trail to DBMS_FGA.DB + DBMS_FGA.EXTENDED sends the audit trail to the SYS.FGA_LOG$ table in the database and includes SQL Text and SQL Bind.
Setting audit_trail to DBMS_FGA.XML writes the audit trail in XML files sent to the operating system and omits SQL Text and SQL Bind.
Setting audit_trail to DBMS_FGA.XML + DBMS_FGA.EXTENDED writes the audit trail in XML files sent to the operating system and includes SQL Text and SQL Bind.
清除XML，查看AUDIT_FILE_DEST ，删除即可；
清除DB级：truncate table sys.fga_log$;
audit_column_opts参数指定下面的情况是否记录
1当查询涉及里面的列（audit_column_opts=dbms_fga.any_columns)都记录
2仅当所有的列都被涉及（audit_column_opts=dbms_fga.all_columns)才记录

检查策略：

select object_schema,object_name,policy_name,policy_text,policy_column,enabled,audit_trail,policy_column_options
 from dba_audit_policies;

查看审计结果：

select timestamp,db_user,os_user,object_schema,sql_text
from dba_fga_audit_trail; 

select  
db_user,sql_text from dba_common_audit_trail

删除策略：

begin
dbms_fga.drop_policy('HR','EMPLOYEES','MYPOLICY1');
end;

如果会话还在，可以连接： sys.fga_log$.sessionid = V$SESSION.AUDSID来查询相关信息

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!