FGA精细化审计配置
注意:开启FGA精细化审计后,无法对表进行列级钱包加密,需要先禁用FGA审计策略,开启加密后,再启用FGA审计策略
begin
dbms_fga.add_policy(object_schema => 'xxwip', --schema名(默认当前操作用户)
object_name => 'ben_audit', --被操作object对象
policy_name => 'ben_audit_fga', --policy名(唯一)
audit_condition => NULL,
audit_column => NULL, --监视的字段(默认为全部)
handler_schema => NULL,
handler_module => NULL,
enable => TRUE,
statement_types => 'select,insert,update,delete', --受影响的操作
audit_trail => dbms_fga.DB_EXTENDED, --默认值
audit_column_opts => dbms_fga.ANY_COLUMNS); --默认值
end;
begin
dbms_fga.add_policy(object_schema => 'ORACHEN',
object_name => 'T1',
policy_name => 'fga_orachen_t1',
audit_condition => NULL,
audit_column => NULL,
handler_schema => NULL,
handler_module => NULL,
enable => TRUE,
statement_types => 'select,insert,update,delete',
audit_trail => dbms_fga.DB_EXTENDED,
audit_column_opts => dbms_fga.ANY_COLUMNS);
end;
exec DBMS_FGA.DISABLE_POLICY(object_schema => 'ORACHEN',object_name => 'T1',policy_name => 'fga_orachen_t1' );
exec DBMS_FGA.ENABLE_POLICY(object_schema => 'ORACHEN',object_name => 'T1',policy_name => 'fga_orachen_t1',enable => TRUE );
--批量查询脚本
select 'exec DBMS_FGA.DISABLE_POLICY(object_schema => '''||object_schema||''''||',object_name => '''||object_name||''''||',policy_name => '''||policy_name||''''||');' from dba_audit_policies;
select policy_name,enabled,object_name,policy_owner from dba_audit_policies;
本文来自博客园,作者:Eddie小陈,转载请注明原文链接:https://www.cnblogs.com/orachen/p/15878793.html
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 全程不用写代码,我用AI程序员写了一个飞机大战
· DeepSeek 开源周回顾「GitHub 热点速览」
· 记一次.NET内存居高不下排查解决与启示
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· .NET10 - 预览版1新功能体验(一)