Oracle 参数 AUDIT_TRAIL 官方解释,作用,如何配置最优化建议
本站中文解释
AUDIT_TRAIL参数用于指定数据库审计跟踪信息的记录方式。它接受三个可能的参数:NONE,DB,OS:
NONE表示不记录任何审计信息,也不会在操作系统上记录任何信息;
DB表示把审计信息记录在数据库表SYS.AUD$中,而不是写入操作系统文件中;
OS表示将审计信息记录在操作系统文件中。
正确设置此参数应该取决于你要求的审计功能。如果您需要轻量级的审计,请设置AUDIT_TRAIL为NONE;如果您需要更详细的跟踪,请将AUDIT_TRAIL设置为DB或OS,具体取决于您的安全策略。
官方英文解释
AUDIT_TRAIL enables or disables database auditing.
| Property | Description |
|---|---|
|
Parameter type |
String |
|
Syntax |
|
|
Default value |
|
|
Modifiable |
No |
|
Modifiable in a PDB |
No |
|
Basic |
No |
Note:
This parameter is effective when using traditional auditing. Traditional auditing is deprecated in Oracle Database 21c. Oracle recommends that you instead use unified auditing, which enables selective and more effective auditing inside Oracle Database.
-
See Oracle Database Security
Guide for more information about unified auditing. -
See Oracle Database Upgrade
Guide for more information about migrating to unified auditing.
In an Oracle database that has migrated to unified auditing, the setting of this parameter has no effect.
Values
-
noneDisables standard auditing. This value is the default if the
AUDIT_TRAILparameter was not set in the initialization parameter file or if you created the database using a method other than Database Configuration Assistant. If you created the database using Database Configuration Assistant, then the default isdb. -
osDirects all audit records to an operating system file. Oracle recommends that you use the
ossetting, particularly if you are using an ultra-secure database configuration. -
dbDirects audit records to the database audit trail (the
SYS.AUD$table), except for records that are always written to the operating system audit trail. Use this setting for a general database for manageability.If the database was started in read-only mode with
AUDIT_TRAILset todb, then Oracle Database internally setsAUDIT_TRAILtoos. Check the alert log for details. -
db, extendedPerforms all actions of
AUDIT_TRAIL=db, and also populates the SQL bind and SQL text CLOB-type columns of theSYS.AUD$table, when available. These two columns are populated only when this parameter is specified. When standard auditing is used withDB, EXTENDED, then virtual private database (VPD) predicates and policy names are also populated in theSYS.AUD$table.If the database was started in read-only mode with
AUDIT_TRAILset todb, extended, then Oracle Database internally setsAUDIT_TRAILtoos. Check the alert log for details. -
xmlWrites to the operating system audit record file in XML format. Records all elements of the
AuditRecordnode exceptSql_TextandSql_Bindto the operating system XML audit file. -
xml, extendedPerforms all actions of
AUDIT_TRAIL=xml, and includes SQL text and SQL bind information in the audit trail.
You can use the SQL AUDIT statement to set auditing options regardless of the setting of this parameter.
In a CDB, the scope of the settings for this initialization parameter is the CDB. Although the audit trail is provided per PDB in a CDB, this initialization parameter cannot be configured for individual PDBs.
Examples
The following statement sets the db, extended value for the AUDIT_TRAIL parameter. The new value takes effect after the database is restarted.
SQL> alter system set AUDIT_TRAIL=db, extended scope=spfile; System altered. SQL>
The following statement sets the xml, extended value for the AUDIT_TRAIL parameter. The new value takes effect after the database is restarted.
SQL> alter system set AUDIT_TRAIL=xml, extended scope=spfile; System altered. SQL>
The following statement sets the db value for the AUDIT_TRAIL parameter. The new value takes effect after the database is restarted.
SQL> alter system set AUDIT_TRAIL=db scope=spfile; System altered. SQL>
See Also:
-
Oracle Database Security
Guide for information about configuring unified audit policies -
Oracle Database Upgrade
Guide to learn more about traditional non-unified auditing
