-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathaudit.sql
166 lines (122 loc) · 4.28 KB
/
audit.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
-- ==============================================================================
-- GPI - Gunther Pippèrr
-- Desc : Get the audit settings of the database
--
-- Must be run with dba privileges
-- see also for the source of some of the commands
-- https://oracle-base.com/articles/11g/auditing-enhancements-11gr2#initializing_the_management_infrastructure
-- ==============================================================================
set linesize 130 pagesize 300
ttitle left "Audit settings -- init.ora " skip 2
show parameter audit
ttitle left "Audit Settings -- Parameters " skip 2
column parameter_name format a30
column parameter_value format a20
column audit_trail format a20
select parameter_name
, parameter_value
, audit_trail
from dba_audit_mgmt_config_params
order by 1
/
ttitle left "Audit Settings -- Audit objects" skip 2
column audit_option format a30
column success format a12
column failure format a12
select audit_option
, success,failure
from dba_stmt_audit_opts
order by 1
/
----------------
----------------
column PARAMETER_NAME format a40
column PARAMETER_VALUE format a30
column AUDIT_TRAIL format a20
ttitle left "Audit Settings -- Parameter of the normal Auditing" skip 2
SELECT PARAMETER_NAME
, PARAMETER_VALUE
, AUDIT_TRAIL
FROM dba_audit_mgmt_config_params
order by 1
/
ttitle left "Audit Settings -- Cleanup Jobs" skip 2
column JOB_NAME format a24 heading "JOB|NAME"
column JOB_STATUS format a10 heading "JOB|STATUS"
column AUDIT_TRAIL format a20 heading "AUDIT|TRAIL"
column JOB_FREQUENCY format a30 heading "JOB|FREQUENCY"
column USE_LAST_ARCHIVE_TIMESTAMP format a10 heading "LAST | TIMESTAMP"
column JOB_CONTAINER format a20 heading "JOB|CONTAINER"
select JOB_NAME
, JOB_STATUS
, AUDIT_TRAIL
, JOB_FREQUENCY
, USE_LAST_ARCHIVE_TIMESTAMP
, JOB_CONTAINER
from DBA_AUDIT_MGMT_CLEANUP_JOBS
/
ttitle left "Audit Settings -- delete older Audits then " skip 2
COLUMN RAC_INSTANCE format 999 heading "RAC|Inst"
COLUMN audit_trail FORMAT A20 heading "Audit|Trail"
COLUMN last_archive_ts FORMAT A40 heading "Last Archive|TS"
SELECT RAC_INSTANCE
, AUDIT_TRAIL
, LAST_ARCHIVE_TS
FROM dba_audit_mgmt_last_arch_ts
order by 1,2
/
prompt -- AUDIT_TRAIL_TYPE: The audit trail whose timestamp is to be set (Constants)
prompt -- LAST_ARCHIVE_TIME: Records or files older than this time will be deleted.
prompt -- if empty not set!
prompt -- to set use
DOC
-------------------------------
BEGIN
DBMS_AUDIT_MGMT.set_last_archive_timestamp(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD
, last_archive_time => SYSTIMESTAMP-15);
END;
/
-------------------------------
#
ttitle off
set serveroutput on
BEGIN
DBMS_OUTPUT.put_line(' -------------------------------------------- ');
DBMS_OUTPUT.put_line('-- Info - Check if the clean job for the audit Log is enabled');
IF DBMS_AUDIT_MGMT.is_cleanup_initialized(DBMS_AUDIT_MGMT.AUDIT_TRAIL_AUD_STD) THEN
DBMS_OUTPUT.put_line('-- Info - Cleaning job is enabled => !!! YES !!!');
ELSE
DBMS_OUTPUT.put_line('-- Info - Cleaning job is not enabled => !!! NO !!!');
END IF;
DBMS_OUTPUT.put_line(' -------------------------------------------- ');
END;
/
------
DOC
-------------------------------------------------------------------------------
-- to enable the delete of the logs use:
BEGIN
DBMS_AUDIT_MGMT.init_cleanup(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL
, default_cleanup_interval => 24 /* hours */);
END;
/
to disable use
BEGIN
DBMS_AUDIT_MGMT.deinit_cleanup(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL);
END;
/
-- create Job for this Task
BEGIN
DBMS_AUDIT_MGMT.create_purge_job(
audit_trail_type => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL
, audit_trail_purge_interval => 12 /* hours */
, audit_trail_purge_name => 'CLEANUP_AUDIT_TRAIL_ALL'
, use_last_arch_timestamp => TRUE);
END;
/
-------------------------------------------------------------------------------
#
--DBA_AUDIT_OBJECT