oracle里怎樣對某個用戶進行審計

grant connect, resource, dba to TEST

義安ssl適用于網(wǎng)站、小程序/APP、API接口等需要進行數(shù)據(jù)傳輸應用場景，ssl證書未來市場廣闊！成為創(chuàng)新互聯(lián)建站的ssl證書銷售渠道，可以享受市場價格4-6折優(yōu)惠！如果有意向歡迎電話聯(lián)系或者加微信：13518219792（備注：SSL證書合作）期待與您的合作！

DBA: 擁有全部特權，是系統(tǒng)最高權限，只有DBA才可以創(chuàng)建數(shù)據(jù)庫結構。

RESOURCE:擁有Resource權限的用戶只可以創(chuàng)建實體，不可以創(chuàng)建數(shù)據(jù)庫結構。

CONNECT:擁有Connect權限的用戶只可以登錄Oracle，不可以創(chuàng)建實體，不可以創(chuàng)建數(shù)據(jù)庫結構。

沒用過grant insert,select這些權限的，不過你可以試試可以嗎

如何打開oracle10g審計功能

個表名為SYS.AUD$，位于數(shù)據(jù)目錄下。在一些操作系統(tǒng)中，你還可以給操作系統(tǒng)自己的事件日志子系統(tǒng)寫審計記錄。 Oracle 10g增加了第三個選項：在一個操作系統(tǒng)目錄中寫入文件的功能。這些文件可以為XML格式。

在oracle中開啟審計功能

sqlplus "/ as sysdba"

show parameter audit

alter system set audit_sys_operations=TRUE scope=spfile;

alter system set audit_trail=DB scope=spfile;

shutdown immediate;

startup force;

Oracle 11g起audit是自動開啟的。我很煩這個審計開啟，審計日志半個月10G，煩煩煩。我一把都關閉Oracle的審計功能，提高Oracle的空閑率。

oracle數(shù)據(jù)庫的審計功能

在oracle11g中，數(shù)據(jù)庫的審計功能是默認開啟的（這和oracle10g的不一樣，10g默認是關閉的），

oracle11gr2的官方文檔上寫的是錯的，當上說default是none，而且是審計到db級別的，這樣就會

往aud$表里記錄統(tǒng)計信息。

1.如果審計不是必須的，可以關掉審計功能；

sql

show

parameter

audit_trail;

name

type

value

------------------------------------

-----------

------------------------------

audit_trail

string

db

sql

alter

system

set

audit_trail=none

scope=spfile;

sql

shut

immediate;

sqlstartup

2.刪除已有的審計信息

可以直接truncate表aud$,

truncate

table

sys.aud$;

3.或者將aud$表移到另外一個表空間下，以減少system表空間的壓力和被撐爆的風險。

附：11g中有關audit_trail參數(shù)的設置說明：

audit_trail

property

description

parameter

type

string

syntax

audit_trail

=

{

none

|

os

|

db

[,

extended]

|

xml

[,

extended]

}

default

value

none

modifiable

no

basic

no

audit_trail

enables

or

disables

database

auditing.

values:

none

disables

standard

auditing.

this

value

is

the

default

if

the

audit_trail

parameter

was

not

set

in

the

initialization

parameter

file

or

if

you

created

the

database

using

a

method

other

than

database

configuration

assistant.

if

you

created

the

database

using

database

configuration

assistant,

then

the

default

is

db.

os

directs

all

audit

records

to

an

operating

system

file.

oracle

recommends

that

you

use

the

os

setting,

particularly

if

you

are

using

an

ultra-secure

database

configuration.

db

directs

audit

records

to

the

database

audit

trail

(the

sys.aud$

table),

except

for

records

that

are

always

written

to

the

operating

system

audit

trail.

use

this

setting

for

a

general

database

for

manageability.

if

the

database

was

started

in

read-only

mode

with

audit_trail

set

to

db,

then

oracle

database

internally

sets

audit_trail

to

os.

check

the

alert

log

for

details.

db,

extended

performs

all

actions

of

audit_trail=db,

and

also

populates

the

sql

bind

and

sql

text

clob-type

columns

of

the

sys.aud$

table,

when

available.

these

two

columns

are

populated

only

when

this

parameter

is

specified.

if

the

database

was

started

in

read-only

mode

with

audit_trail

set

to

db,

extended,

then

oracle

database

internally

sets

audit_trail

to

os.

check

the

alert

log

for

details.

xml

writes

to

the

operating

system

audit

record

file

in

xml

format.

records

all

elements

of

the

auditrecord

node

except

sql_text

and

sql_bind

to

the

operating

system

xml

audit

file.

xml,

extended

performs

all

actions

of

audit_trail=xml,

and

populates

the

sql

bind

and

sql

text

clob-type

columns

of

the

sys.aud$

table,

wherever

possible.

these

columns

are

populated

only

when

this

parameter

is

specified.

you

can

use

the

sql

audit

statement

to

set

auditing

options

regardless

of

the

setting

of

this

parameter.