Oracle教程 2023-02-24

Oracle 视图 V$XML_AUDIT_TRAIL 官方解释，作用，如何使用详细说明

本站中文解释

V$XML_AUDIT_TRAIL是oracle数据库中XML审计跟踪视图，为DBA提供XML审计及访问控制策略执行过程中的信息。

V$XML_AUDIT_TRAIL视图用于跟踪XML文档的审计事件，出现的审计异常等关键信息，包括：XML审计事件发生时间、审计对象、对象操作、审计用户、其他审计相关上下文信息。

使用V$XML_AUDIT_TRAIL视图，DBA可以搜集XML审计信息，进行相关分析，确保XML数据的安全性。

官方英文解释

V$XML_AUDIT_TRAIL shows standard, fine-grained, SYS, and mandatory audit records written in XML format files.

Note:

This view is relevant when using traditional auditing. Traditional auditing is deprecated in Oracle Database 21c. Oracle recommends that you instead use unified auditing, which enables selective and more effective auditing inside Oracle Database.

See Oracle Database Security
Guide for more information about unified auditing.
See Oracle Database Upgrade
Guide for more information about migrating to unified auditing.

This view is populated only in an Oracle Database where unified auditing is not enabled. When unified auditing is enabled in Oracle Database, the audit records are populated in the new audit trail and can be viewed from UNIFIED_AUDIT_TRAIL.

Column	Datatype	Description
`AUDIT_TYPE`	`NUMBER`	Type of audit row: 1 = Standard XML Audit 2 = Fine Grained XML Audit 4 = SYS XML Audit 8 = Mandatory XML Audit
`SESSION_ID`	`NUMBER`	Numeric ID for the Oracle session
`PROXY_SESSIONID`	`NUMBER`	Proxy session serial number, if an enterprise user has logged in through a proxy mechanism
`STATEMENTID`	`NUMBER`	Numeric ID for the statement run (a statement may cause multiple audit records)
`ENTRYID`	`NUMBER`	Numeric ID for the audit trail entry in the session
`EXTENDED_TIMESTAMP`	`TIMESTAMP(6) WITH TIME ZONE`	Timestamp of the audited operation (the timestamp of the user’s logon for entries is created by AUDIT SESSION)
`GLOBAL_UID`	`VARCHAR2(32)`	Global user identifier for the user, if the user has logged in as an enterprise user
`DB_USER`	`VARCHAR2(128)`	Database username of the user whose actions were audited
`CLIENTIDENTIFIER`	`VARCHAR2(64)`	Client identifier in the Oracle session
`EXT_NAME`	`VARCHAR2(1024)`	User’s external name
`OS_USER`	`VARCHAR2(128)`	Operating system logon user name of the user whose actions were audited
`OS_HOST`	`VARCHAR2(128)`	Client host system name
`OS_PROCESS`	`VARCHAR2(16)`	Operating system process identifier of the Oracle server process
`TERMINAL`	`VARCHAR2(30)`	Identifier for the user’s terminal
`INSTANCE_NUMBER`	`NUMBER`	Instance number as specified by the `INSTANCE_NUMBER` initialization parameter
`OBJECT_SCHEMA`	`VARCHAR2(128)`	Owner of the audited object
`OBJECT_NAME`	`VARCHAR2(128)`	Name of the object affected by the action
`POLICY_NAME`	`VARCHAR2(128)`	Name of the fine-grained auditing policy
`NEW_OWNER`	`VARCHAR2(128)`	Owner of the object named in the `NEW_NAME` column
`NEW_NAME`	`VARCHAR2(128)`	New name of object after renaming, or the name of an underlying object (for example, `CREATE INDEX owner.obj_name ON new_owner.new_name`)
`ACTION`	`NUMBER`	Numeric code for the action type
`STATEMENT_TYPE`	`NUMBER`	Description of the action
`TRANSACTIONID`	`RAW(8)`	Identifier of the transaction in which the object is accessed or modified
`RETURNCODE`	`NUMBER`	Oracle error code generated by the action. Zero if the action succeeded.
`SCN`	`NUMBER`	System change number (SCN) of the query
`COMMENT_TEXT`	`VARCHAR2(4000)`	Text comments on standard audit entries. Also indicates how the user was authenticated – the method can be one of the following: `DATABASE` – authentication was done by password `NETWORK` – authentication was done by Oracle Net Services or the Advanced Networking Option `PROXY` – the client was authenticated by another user. The name of the proxy user follows the method type.
`AUTH_PRIVILEGES`	`VARCHAR2(32)`	Privileges granted and revoked in `GRANT` and `REVOKE` statements recorded for standard audit trail entry
`GRANTEE`	`VARCHAR2(128)`	User who granted or revoked the privilege
`PRIV_USED`	`NUMBER`	Numerical code of privileges, if any, used in the action
`SES_ACTIONS`	`VARCHAR2(16)`	Session summary for standard audit records. A string of 12 characters, one for each action type, in the following order: Alter, Audit, Comment, Delete, Grant, Index, Insert, Lock, Rename, Select, Update, Flashback. Values: – = None, S=Success, F=Failure, B=Both
`OS_PRIVILEGE`	`VARCHAR2(7)`	This column is populated only for administrative authentication audit records. It contains the administrative privilege used (for example, `SYSDBA`, `SYSOPER`, `NONE`). For all other types of audit records, the value of this column is null.
`ECONTEXT_ID`	`VARCHAR2(64)`	Application execution context identifier
`SQL_BIND`	`VARCHAR2(4000)`	List of bind variables used in the statement
`SQL_TEXT`	`VARCHAR2(4000)`	The statement or command that triggered the audit event
`OBJ_EDITION_NAME`	`VARCHAR2(128)`	Name of the edition containing the audited object
`DBID`	`NUMBER`	Database identifier of the audited database
`RLS_INFO`	`VARCHAR2(4000)`	Stores virtual private database (VPD) policy names and predicates separated by delimiter. To format the output into individual rows, use the `DBMS_AUDIT_UTIL.DECODE_RLS_INFO_ATRAIL_XML` function.
`CURRENT_USER`	`VARCHAR2(128)`	Effective user for the statement execution
`CON_ID`	`NUMBER`	The ID of the container to which the data pertains. Possible values include: `0`: This value is used for rows containing data that pertain to the entire CDB. This value is also used for rows in non-CDBs. `1`: This value is used for rows containing data that pertain to only the root n: Where n is the applicable container ID for the rows containing data

Note:

The SQL_BIND and SQL_TEXT columns are only populated if the AUDIT_TRAIL initialization parameter is set to xml, extended or if the AUDIT_SYS_OPERATIONS initialization parameter is set to TRUE.

本站中文解释

官方英文解释

相关推荐