Oracle Audit Feature

Environment: Linux 6.4 + Oracle 10.2.0.4

1. Oracle 10g audit feature
2. Setting a password for stopping and starting the database listener

1. Oracle 10g audit feature

Auditing is disabled by default in Oracle 10g. Note that enabling auditing inevitably costs some additional database performance, and that the database must be restarted for the change to take effect. The specific audit policy should be configured according to the actual requirements of the project.

1.1 View the audit-related parameters

-- View the audit-related parameters
set linesize 200
show parameter audit
-- The result is as follows
NAME                                 TYPE                             VALUE
------------------------------------ -------------------------------- ------------------------------
audit_file_dest                      string                           /opt/app/oracle/admin/vas/adum
                                                                      p
audit_sys_operations                 boolean                          FALSE
audit_syslog_level                   string
audit_trail                          string                           NONE

1.2 Enable auditing

-- Enable auditing
alter system set audit_sys_operations=TRUE scope=spfile;
alter system set audit_trail=db,extended scope=spfile;
-- Restart the database for the change to take effect
shutdown immediate
startup
-- Finally, check the parameters again to confirm that auditing is enabled
SQL> show parameter audit
NAME                                 TYPE                             VALUE
------------------------------------ -------------------------------- ------------------------------
audit_file_dest                      string                           /opt/app/oracle/admin/vas/adum
                                                                      p
audit_sys_operations                 boolean                          TRUE
audit_syslog_level                   string
audit_trail                          string                           DB, EXTENDED

1.3 Configure the audit policy

-- View the audit policy
select * from DBA_STMT_AUDIT_OPTS;

-- Configure the audit policy (the baseline below follows the audit options that 11g enables by default)
AUDIT ALTER ANY PROCEDURE;
AUDIT ALTER ANY TABLE;
AUDIT ALTER DATABASE;
AUDIT ALTER PROFILE;
AUDIT ALTER SYSTEM;
AUDIT ALTER USER;
AUDIT CREATE ANY JOB;
AUDIT CREATE ANY LIBRARY;
AUDIT CREATE ANY PROCEDURE;
AUDIT CREATE ANY TABLE;
AUDIT CREATE EXTERNAL JOB;
AUDIT CREATE PUBLIC DATABASE LINK;
AUDIT CREATE SESSION;
AUDIT CREATE USER;
AUDIT DATABASE LINK;
AUDIT DIRECTORY;
AUDIT DROP ANY PROCEDURE;
AUDIT DROP ANY TABLE;
AUDIT DROP PROFILE;
AUDIT DROP USER;
AUDIT EXEMPT ACCESS POLICY;
AUDIT GRANT ANY OBJECT PRIVILEGE;
AUDIT GRANT ANY PRIVILEGE;
AUDIT GRANT ANY ROLE;
AUDIT PROFILE;
AUDIT PUBLIC SYNONYM;
AUDIT ROLE;
AUDIT SYSTEM AUDIT;
AUDIT SYSTEM GRANT;

-- Audit policies for other special requirements
---- Audit delete, update and insert operations on the data of core table T1 owned by the business user JINGYU
AUDIT DELETE,UPDATE,INSERT ON JINGYU.T1;
---- Audit core table T2 (including queries)
AUDIT ALL ON JINGYU.T2;
---- Audit core table T2, generating one audit record for every access
AUDIT ALL ON JINGYU.T2 BY ACCESS;
---- Remove the special-requirement audit policies
NOAUDIT DELETE,UPDATE,INSERT ON JINGYU.T1;
NOAUDIT ALL ON JINGYU.T2;

-- Remove the audit policy
NOAUDIT ALTER ANY PROCEDURE;
NOAUDIT ALTER ANY TABLE;
NOAUDIT ALTER DATABASE;
NOAUDIT ALTER PROFILE;
NOAUDIT ALTER SYSTEM;
NOAUDIT ALTER USER;
NOAUDIT CREATE ANY JOB;
NOAUDIT CREATE ANY LIBRARY;
NOAUDIT CREATE ANY PROCEDURE;
NOAUDIT CREATE ANY TABLE;
NOAUDIT CREATE EXTERNAL JOB;
NOAUDIT CREATE PUBLIC DATABASE LINK;
NOAUDIT CREATE SESSION;
NOAUDIT CREATE USER;
NOAUDIT DATABASE LINK;
NOAUDIT DIRECTORY;
NOAUDIT DROP ANY PROCEDURE;
NOAUDIT DROP ANY TABLE;
NOAUDIT DROP PROFILE;
NOAUDIT DROP USER;
NOAUDIT EXEMPT ACCESS POLICY;
NOAUDIT GRANT ANY OBJECT PRIVILEGE;
NOAUDIT GRANT ANY PRIVILEGE;
NOAUDIT GRANT ANY ROLE;
NOAUDIT PROFILE;
NOAUDIT PUBLIC SYNONYM;
NOAUDIT ROLE;
NOAUDIT SYSTEM AUDIT;
NOAUDIT SYSTEM GRANT;

-- View the audit policy again
select * from DBA_STMT_AUDIT_OPTS;

1.4 View the audit log

-- View the audit log
select * from DBA_AUDIT_TRAIL;

1.5 Disable auditing

-- Disable auditing
alter system set audit_trail=none scope=spfile;
alter system set audit_sys_operations=false scope=spfile;
-- Restart the database for the change to take effect
shutdown immediate
startup
-- Finally, confirm that auditing is disabled
SQL> show parameter audit
NAME                                 TYPE                             VALUE
------------------------------------ -------------------------------- ------------------------------
audit_file_dest                      string                           /opt/app/oracle/admin/vas/adum
                                                                      p
audit_sys_operations                 boolean                          FALSE
audit_syslog_level                   string
audit_trail                          string                           NONE
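An added example, not part of the original post: targeted review queries for the audit trail from section 1.4, in place of a bare select * from DBA_AUDIT_TRAIL. It assumes audit_trail=db,extended and the JINGYU.T1/T2 policies from section 1.3 are in effect; the 24-hour and 7-day windows are arbitrary choices.

```sql
-- Added example: run as a user with access to the DBA_* audit views.

-- 1. Failed logons in the last 24 hours (recorded because of AUDIT CREATE SESSION).
--    RETURNCODE is the ORA- error number: 1017 = invalid username/password,
--    28000 = account locked. Repeated failures from one host stand out here.
SELECT username, userhost, os_username, returncode,
       COUNT(*)       AS attempts,
       MIN(timestamp) AS first_seen,
       MAX(timestamp) AS last_seen
  FROM dba_audit_trail
 WHERE action_name = 'LOGON'
   AND returncode <> 0
   AND timestamp > SYSDATE - 1
 GROUP BY username, userhost, os_username, returncode
 ORDER BY attempts DESC;

-- 2. Changes to JINGYU.T1 in the last 7 days, with the statement text and bind
--    values that the "extended" setting stores in SQL_TEXT / SQL_BIND.
--    The T1 policy was set without BY ACCESS, so it defaults to BY SESSION and
--    rows can appear as 'SESSION REC' with the operations encoded in SES_ACTIONS
--    instead of one row per INSERT/UPDATE/DELETE.
SELECT extended_timestamp, username, userhost, action_name,
       ses_actions, returncode, sql_text, sql_bind
  FROM dba_audit_trail
 WHERE owner = 'JINGYU'
   AND obj_name = 'T1'
   AND action_name IN ('INSERT', 'UPDATE', 'DELETE', 'SESSION REC')
   AND timestamp > SYSDATE - 7
 ORDER BY extended_timestamp;

-- 3. Object-level policies (AUDIT ... ON JINGYU.T1) are not listed in
--    DBA_STMT_AUDIT_OPTS; confirm them in DBA_OBJ_AUDIT_OPTS.
--    Each column reads <on success>/<on failure>: S = by session,
--    A = by access, - = not audited.
SELECT owner, object_name, object_type, ins, upd, del, sel
  FROM dba_obj_audit_opts
 WHERE owner = 'JINGYU'
   AND object_name IN ('T1', 'T2');
```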

 
