|Re: help audit trail how to set up [message #50198 is a reply to message #50160]
||Tue, 05 March 2002 16:53
Registered: February 2002
Here is tep to setup the AUDIT in server.|
1. Chance parrameter file(initSID.ora) for AUDIT setting and shutdown and startup database.
- Set this parameter to OS/DB/NONE. (They have three type of AUDIT. OS - on OS file, DB - on database SYS.AUD$ and NONE - disable AUDIT)
- shutdown and startup
SVRMGR shutdown normal;
check the AUDIT setting
SVRMGRL select name,value from v$parameter where name like 'aud%'; -- you will see the setting as below
AUDIT_FILE_DEST=path for OS audit.
check the audit table.
SVRMGRselect * from sys.aud$;
SVRMGRselect * from dba_audit_trail; -- if these tables are not found in this database then you need to execute the script to generate AUDIT's table. Here is the script ORACLE_HOME path/rdbms/admin/cataudit.sql
Option-execute the script (with sys user)
2. After the database is set to audit then you can start to audit the database.
In Audit, it has three type, OBJECT,PRIVILEGES and STATEMENT.
- OBJECT (DBA_OBJ_AUDIT_OPTS)
SVRMGRaudit select,delete,update on schema.object by session/access;
After this object is access by select,update or update. Thehn you can find the record in SYS.AUD$ and DBA_AUDIT_TRAIL.
- PRIVILEGES (SYSTEM_PRIVILEGES_MAP)
SVRMGRaudit create table by username;
SVRMGRLaudit table by username;
- no audit
SVRMGRnoaudit select on schema.tablename;
- audit will cause performance problem if too many auditing on database.
- cleanup sys.aud$ table if the data is not used.
- audit SYS.AUD$ to makesure no one chance SYS.AUD$ with this .
SVRMGRaudit select,update,delete on sys.aud$ by access;
- grant SYSTEM AUDIT privileges to admin user only. Because this privileges is allowed to set auditing.
- more detail in Oracle documentation.
Hope this is helping. Thanks