oracle的归档日志如何分天存放
发布网友
发布时间:2022-04-11 07:38
共4个回答
热心网友
时间:2022-04-11 09:07
The answer by the first respondent is totally wrong. ARCHIVELOG/NONARCHIVELOG has nothing to do with what you ask for. ARCHIVELOG/NONARCHIVELOG is about the recoverbility of the database, but what you want is "Auditing" in Oracle, which is about monitoring users' activities in database.
The auditing mechanism for Oracle is extremely flexible, so I'll only talk about performing full auditing on a single user.
1. Database server setup
To allow auditing on the server you must:
Set "audit_trail = true" in the init.ora file.
Run the $ORACLE_HOME/rdbms/admin/cataudit.sql script while connected as SYS.
2. Audit Options
Assuming that the "AAA" user is to be audited:
CONNECT sys/password AS SYSDBA
AUDIT ALL BY AAA BY ACCESS;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY AAA BY ACCESS;
AUDIT EXECUTE PROCEDURE BY AAA BY ACCESS;
These options audit all DDL and DML issued by "AAA", along with some system events.
DDL (CREATE, ALTER & DROP of objects)
DML (INSERT UPDATE, DELETE, SELECT, EXECUTE).
SYSTEM EVENTS (LOGON, LOGOFF etc.)
3. View Audit Trail
The audit trail is stored in the SYS.AUD$ table. It's contents can be viewed directly or via the following views:
DBA_AUDIT_EXISTS
DBA_AUDIT_OBJECT
DBA_AUDIT_SESSION
DBA_AUDIT_STATEMENT
DBA_AUDIT_TRAIL
DBA_OBJ_AUDIT_OPTS
DBA_PRIV_AUDIT_OPTS
DBA_STMT_AUDIT_OPTS
The audit trail contains a lot of data, but the following are most likely to be of interest:
Username: Oracle Username.
Terminal: Machine that the user performed the action from.
Timestamp: When the action occured.
Object Owner: The owner of the object that was interacted with.
Object Name: The name of the object that was interacted with.
Action Name: The action that occured against the object. (INSERT, UPDATE, DELETE, SELECT, EXECUTE)
4. Maintenance
The audit trail must be deleted/archived on a regular basis to prevent the SYS.AUD$ table growing to an unnacceptable size.
5. Security
Only DBAs should have maintenance access to the audit trail. Auditing modifications of the data in the audit trail itself can be achieved as follows:
AUDIT INSERT, UPDATE, DELETE ON sys.aud$ BY ACCESS;
另外,团IDC网上有许多产品团购,便宜有口碑追问此人是废话,答非所问
热心网友
时间:2022-04-11 10:25
The answer by the first respondent is totally wrong. ARCHIVELOG/NONARCHIVELOG has nothing to do with what you ask for. ARCHIVELOG/NONARCHIVELOG is about the recoverbility of the database, but what you want is "Auditing" in Oracle, which is about monitoring users' activities in database.
The auditing mechanism for Oracle is extremely flexible, so I'll only talk about performing full auditing on a single user.
1. Database server setup
To allow auditing on the server you must:
Set "audit_trail = true" in the init.ora file.
Run the $ORACLE_HOME/rdbms/admin/cataudit.sql script while connected as SYS.
2. Audit Options
Assuming that the "AAA" user is to be audited:
CONNECT sys/password AS SYSDBA
AUDIT ALL BY AAA BY ACCESS;
AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY AAA BY ACCESS;
AUDIT EXECUTE PROCEDURE BY AAA BY ACCESS;
These options audit all DDL and DML issued by "AAA", along with some system events.
DDL (CREATE, ALTER & DROP of objects)
DML (INSERT UPDATE, DELETE, SELECT, EXECUTE).
SYSTEM EVENTS (LOGON, LOGOFF etc.)
3. View Audit Trail
The audit trail is stored in the SYS.AUD$ table. It's contents can be viewed directly or via the following views:
DBA_AUDIT_EXISTS
DBA_AUDIT_OBJECT
DBA_AUDIT_SESSION
DBA_AUDIT_STATEMENT
DBA_AUDIT_TRAIL
DBA_OBJ_AUDIT_OPTS
DBA_PRIV_AUDIT_OPTS
DBA_STMT_AUDIT_OPTS
The audit trail contains a lot of data, but the following are most likely to be of interest:
Username: Oracle Username.
Terminal: Machine that the user performed the action from.
Timestamp: When the action occured.
Object Owner: The owner of the object that was interacted with.
Object Name: The name of the object that was interacted with.
Action Name: The action that occured against the object. (INSERT, UPDATE, DELETE, SELECT, EXECUTE)
4. Maintenance
The audit trail must be deleted/archived on a regular basis to prevent the SYS.AUD$ table growing to an unnacceptable size.
5. Security
Only DBAs should have maintenance access to the audit trail. Auditing modifications of the data in the audit trail itself can be achieved as follows:
AUDIT INSERT, UPDATE, DELETE ON sys.aud$ BY ACCESS;
另外,虚机团上产品团购,超级便宜
热心网友
时间:2022-04-11 12:00
实际上archivlog论天来存放没有什么意义啊?你的目的是什么呢?不行的话就修改db_recovery_file_dest 路径嘛,改到你希望的地方去。追问安装好oracle归档日志默认是按天保存的,一天自动生成一个文件夹保存当前的日志,
我修改归档日志位置后,就不按天生成日志文件夹了,日志都在一个文件夹中,很奇怪?
我想修改归档日志位置后,还让归档日志按天生成文件夹,
不按天生成日志文件夹也可以用,分天只是看着清晰明了
追答如果你一定要这么做的话,那只有手工来改咯,写个shell每天晚上0点执行:
#!/bin/ksh
TIME=`date +%Y%m%d`
mkdir $ORACLE_HOME/flash_recovery_area/test/archivelog/$TIME
sqlplus "/as sysdba" <<!
alter system set log_archive_dest_1='LOCATION=$ORACLE_HOME/flash_recovery_area/test/archivelog/';
exit
!
这样你的日志就能分天存放了,不过这样会带来以下问题:
1、如果脚本执行失败可能导致:因为不能切换redolog而产生的数据库问题。
2、你的备份脚本需要重新修改(对备份时间修改,或者对备份target目录修改)
3、你的数据库如果需要恢复,那将会是相当痛苦的事情。特别是很多天的备份都未成功时。
实际上archivelog主要的用途是数据库内部使用,你总不可能每天使用logminer吧?对数据库而言archivelog不论放在哪都是清晰的(经常修改了反而不清晰了),对你来说可能好看了,但是对数据库来说实用性恐怕为零。另外如果要统计每天的日志量,或者日志个数,对dba来说有很多方法,不见得非要每天都生成目录。
当然了,可能是我还学习得不够深入,也许还有其它办法我不知道或者没想到的。
热心网友
时间:2022-04-11 13:51
