Scribd Logo
Importer

Bienvenue sur Scribd !

  • Audit DML Statements

    Transféré par

    Arif Rakhman
    144 vues15 pages
    Audit Oracle Security

    Copyright

    © © All Rights Reserved

    Formats disponibles

    PPT, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    Audit Oracle Security

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PPT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    144 vues15 pages

    Audit DML Statements

    Transféré par

    Arif Rakhman
    Audit Oracle Security

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PPT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 15

    Copyright 2009, Oracle. All rights reserved.

    Auditing DML Statements


    Copyright 2009, Oracle. All rights reserved. 5 - 2
    Objectives
    After completing this lesson, you should be able to do the
    following:
    Implement fine-grained auditing (FGA)
    Maintain FGA policies
    Implement an FGA audit event handler
    Read FGA audit events from the FGA audit trail
    Copyright 2009, Oracle. All rights reserved. 5 - 3
    Fine-Grained Auditing (FGA)
    Policies:
    Monitor data access based on content
    Audit SELECT, INSERT, UPDATE, or DELETE
    Are created on tables or views
    May fire an event handler procedure
    Are administered with the DBMS_FGA package
    employees
    Policy: AUDIT_EMPS_SALARY
    SELECT name, salary
    FROM employees
    WHERE
    department_id = 10;
    Copyright 2009, Oracle. All rights reserved. 5 - 4
    FGA Policy
    Defines:
    Audit criteria
    Audit action
    Is created with
    DBMS_FGA
    .ADD_POLICY
    dbms_fga.add_policy (
    object_schema => 'hr',
    object_name => 'employees',
    policy_name =>
    'audit_emps_salary',
    audit_condition=>
    'department_id=10',
    audit_column => 'salary',
    handler_schema => sec',
    handler_module => 'log_emps_salary',
    enable => TRUE,
    statement_types=> 'select' );
    SELECT name, job_id
    FROM employees;
    SELECT name, salary
    FROM employees
    WHERE
    department_id = 10;
    SEC.LOG_
    EMPS_SALARY
    employees FGA audit trail
    Copyright 2009, Oracle. All rights reserved. 5 - 6
    Triggering Audit Events
    The following SQL statements cause an audit:






    The following statement does not cause an audit:
    SELECT count(*)
    FROM hr.employees
    WHERE department_id = 10
    AND salary > &v_salary;
    SELECT salary
    FROM hr.employees;
    SELECT last_name
    FROM hr.employees
    WHERE department_id = 10;
    Copyright 2009, Oracle. All rights reserved. 5 - 7
    Data Dictionary Views
    All FGA policies in the database
    DBA_AUDIT_POLICIES
    USER_AUDIT_POLICIES
    ALL_AUDIT_POLICIES
    DBA_FGA_AUDIT_TRAIL
    View Name
    All FGA events
    All FGA policies for objects in the current
    user schema
    All FGA policies for objects that the current
    user can access
    Description
    Copyright 2009, Oracle. All rights reserved. 5 - 8
    DBA_FGA_AUDIT_TRAIL
    SQL> SELECT to_char(timestamp, 'YYMMDDHH24MI')
    2 AS timestamp,
    3 db_user,
    4 policy_name,
    5 sql_bind,
    6 sql_text
    7 FROM dba_fga_audit_trail;

    TIMESTAMP DB_USER POLICY_NAME SQL_BIND
    ---------- ------- ----------------- ----------
    SQL_TEXT
    -----------------------------------------------
    0808272222 HR AUDIT_EMPS_SALARY #1(4):1000
    SELECT COUNT(*) FROM HR.EMPLOYEES WHERE
    DEPARTMENT_ID = 10 AND SALARY > :B1

    0808272222 HR AUDIT_EMPS_SALARY
    SELECT salary
    FROM hr.employees
    Copyright 2009, Oracle. All rights reserved. 5 - 9
    DBMS_FGA Package
    Use DBMS_FGA to maintain FGA policies.
    Grant the EXECUTE privilege only to administrators.
    The DBMS_FGA package includes the following
    subprograms:
    Drops an audit policy
    DROP_POLICY
    Enables an audit policy
    ENABLE_POLICY
    Disables an audit policy DISABLE_POLICY
    Creates an audit policy by using the supplied
    predicate as the audit condition
    ADD_POLICY
    Subprogram Description
    Copyright 2009, Oracle. All rights reserved. 5 - 10
    Enabling and Disabling an FGA Policy
    Enable a policy:




    Disable a policy:
    dbms_fga.enable_policy (
    object_schema => 'hr',
    object_name => 'employees',
    policy_name => 'audit_emps_salary' );
    dbms_fga.disable_policy (
    object_schema => 'hr',
    object_name => 'employees',
    policy_name => 'audit_emps_salary' );
    Copyright 2009, Oracle. All rights reserved. 5 - 11
    Dropping an FGA Policy
    BEGIN
    dbms_fga.drop_policy (
    object_schema => 'hr',
    object_name => 'employees',
    policy_name => 'audit_emps_salary');
    END;
    Copyright 2009, Oracle. All rights reserved. 5 - 12
    FGA Policy Guidelines
    Setting policy parameters
    Audit conditions
    To audit all statements, use a null or TRUE condition.
    If the audit condition syntax is invalid, an ORA-28112 is
    raised when the audited object is accessed.
    Audit columns
    If audit column is set to null, all columns are audited.
    If the audit column name is valid but incorrect, the wrong
    statements are audited.
    Copyright 2009, Oracle. All rights reserved. 5 - 13
    FGA Policy Errors
    Policy creation errors occur when:
    The audited table or view does not exist
    The policy already exists; error ORA-28101 is raised
    The audit column does not exist
    Audited SQL statements fail when:
    The audit condition is invalid
    The event handler does not exist or is invalid
    Copyright 2009, Oracle. All rights reserved. 5 - 14
    Maintaining the Audit Trail
    Maintaining the audit trail must include:
    Reviewing and storing old records
    Preventing storage problems
    Avoiding loss of records
    Copyright 2009, Oracle. All rights reserved. 5 - 15
    Practice 5 Overview:
    Implementing Fine-Grained Auditing
    This practice covers the following topics:
    Creating an FGA policy
    Observing audited records in the database audit table
    Creating an FGA policy with an event handler
    Copyright 2009, Oracle. All rights reserved. 5 - 16
    Summary
    In this lesson, you should have learned how to:
    Implement FGA
    Maintain FGA policies
    Implement an FGA audit event handler
    Read FGA audit events from the FGA audit trail

    Vous aimerez peut-être aussi