PRACTICAS TEMA 9.
AUDITORA.
1. Ver la descripcin de las vistas ALL_DEF_AUDIT_OPTS, DBA_AUDIT_OBJECT,
DBA_AUDIT_SESSION,
DBA_AUDIT_STATEMENT,
DBA_AUDIT_TRAIL,
DBA_OBJ_AUDIT_OPTS, DBA_PRIV_AUDIT_OPTS, y DBA_STMT_AUDIT_OPTS.
Averiguar el significado de cada uno de los campos usando la documentacin
en lnea.
SQL> desc ALL_DEF_AUDIT_OPTS
Nombre
Nulo?
-------------------------------------- -------ALT
AUD
COM
DEL
GRA
IND
INS
LOC
REN
SEL
UPD
REF
EXE
...
Tipo
-----------------VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
VARCHAR2(3)
ACTION#
RETURNCODE
OBJ$CREATOR
OBJ$NAME
AUTH$PRIVILEGES
AUTH$GRANTEE
NEW$OWNER
NEW$NAME
SES$ACTIONS
SES$TID
LOGOFF$LREAD
LOGOFF$PREAD
LOGOFF$LWRITE
LOGOFF$DEAD
LOGOFF$TIME
COMMENT$TEXT
CLIENTID
SPARE1
SPARE2
OBJ$LABEL
SES$LABEL
PRIV$USED
SESSIONCPU
NTIMESTAMP#
PROXY$SID
USER$GUID
INSTANCE#
PROCESS#
XID
AUDITID
SCN
DBID
SQLBIND
SQLTEXT
NOT NULL
NOT NULL
NUMBER
NUMBER
VARCHAR2(30)
VARCHAR2(128)
VARCHAR2(16)
VARCHAR2(30)
VARCHAR2(30)
VARCHAR2(128)
VARCHAR2(19)
NUMBER
NUMBER
NUMBER
NUMBER
NUMBER
DATE
VARCHAR2(4000)
VARCHAR2(64)
VARCHAR2(255)
NUMBER
RAW(255)
RAW(255)
NUMBER
NUMBER
TIMESTAMP(6)
NUMBER
VARCHAR2(32)
NUMBER
VARCHAR2(16)
RAW(8)
VARCHAR2(64)
NUMBER
NUMBER
CLOB
CLOB
6. Abrir una sesin a la base de datos como usuario SYSTEM y como usuario
prueba01. Comprobar que informacin se ha guardado en la auditora
como consecuencia de las operaciones anteriores (consultar la vista
DBA_AUDIT_TRAIL).
SQL> audit select table, delete table, update table, insert table by access;
Auditoria terminada correctamente.
CREATE SESSION
UPDATE TABLE
BY ACCESS
BY ACCESS
BY ACCESS
BY ACCESS
7 filas seleccionadas.
Tabla creada.
SQL> grant select, insert, update, delete on codigos_notas to prueba02;
Grant succeeded.
SQL> connect prueba02
Enter password:
Conectado.
SQL> select * from prueba01.codigos_notas;
ninguna fila seleccionada
SQL> insert into prueba01.codigos_notas values ('0','NO PRESENTADO');
1 fila creada.
SQL> insert into prueba01.codigos_notas values ('1','APROBADO');
1 fila creada.
SQL> commit;
Confirmacion terminada.
por
defecto
de
auditora
de
objetos
12.Especificar las opciones de auditora por defecto para los objetos creados en
un futuro de forma que se registre informacin siempre que se produzca un
alter, grant, insert, update o delete.
SQL>
select
substr(owner,1,12),substr(OBJECT_NAME,1,12),
substr(object_type,1,10), DEL, INS, SEL, UPD from dba_obj_audit_opts where
owner='PRUEBA01' order by object_name, object_type;
SUBSTR(OWNER
SUBSTR(OBJEC
SUBSTR(OBJ DEL INS SEL UPD
-----------------------------------------------------------------------------------------------PRUEBA01
CODIGOS_NOTA
TABLE
S/S
S/S S/S -/-
10
SQL>
select
substr(owner,1,10)
prop,substr(table_name,1,8)
tabla,substr(tablespace_name,1,10)
espacio,
INITIAL_EXTENT,
NEXT_EXTENT,MIN_EXTENTS,MAX_EXTENTS
from
dba_tables
where
table_name='AUD$';
PROP
TABLA ESPACIO INITIAL_EXTENT NEXT_EXTENT MIN_EXTENTS
------------------------------------------------------------------------------------------MAX_EXTENTS
-----------------SYS
AUD$
SYSTEM
65536
1
2147483645
11
12
XID
START_SCN START_TI COMMIT_SCN COMMIT_T
-------------------------------------------------------------------------------LOGON_USER
UNDO_CHANGE# OPERATION
-------------------------------------------------------------------------------TABLE_NAME
-------------------------------------------------------------------------------TABLE_OWNER
ROW_ID
--------------------------------------------------UNDO_SQL
-------------------------------------------------------------------------------010023004D090000 4993228 22/10/06 4993235 22/10/06
SCOTT
1 UPDATE
EMP
SCOTT
AAAEtaAAEAAAAAgAAA
update "SCOTT"."EMP" set "SAL" = '800' where ROWID = 'AAAEtaAAEAAAAAgAAA';
13
ROWID
14
SQL> rollback;
Rollback terminado.
SQL> select * from emp where empno=7902;
EMPNO ENAME
JOB
MGR HIREDATE
SAL
COMM
-------------------------------------------------------------------------------------DEPTNO
--------------7902 FORD
ANALYST
7566 03/12/81
3000
20
XID
START_SCN START_TI COMMIT_SCN COMMIT_T
-------------------------------------------------------------------------------LOGON_USER
UNDO_CHANGE# OPERATION
-------------------------------------------------------------------------------TABLE_NAME
-------------------------------------------------------------------------------TABLE_OWNER
ROW_ID
--------------------------------------------------UNDO_SQL
-------------------------------------------------------------------------------010023004D090000 4993228 22/10/06 4993235 22/10/06
SCOTT
1 UPDATE
EMP
SCOTT
AAAEtaAAEAAAAAgAAA
update "SCOTT"."EMP" set "SAL" = '800' where ROWID = 'AAAEtaAAEAAAAAgAAA';
15
set
"SAL"
'800'
where
ROWID
1 fila actualizada.
SQL> commit;
Confirmacion terminada.
SQL> select * from emp where empno=7369;
EMPNO ENAME
JOB
MGR HIREDATE
SAL
COMM
16
-------------------------------------------------------------------------------------DEPTNO
---------7369 SMITH
CLERK
7902 17/12/80
800
20
SQL> select * from flashback_transaction_query where table_owner='SCOTT'
order by start_scn;
XID
START_SCN START_TI COMMIT_SCN COMMIT_T
-------------------------------------------------------------------------------LOGON_USER
UNDO_CHANGE# OPERATION
-------------------------------------------------------------------------------TABLE_NAME
-------------------------------------------------------------------------------TABLE_OWNER
ROW_ID
--------------------------------------------------UNDO_SQL
-------------------------------------------------------------------------------010023004D090000 4993228 22/10/06 4993235 22/10/06
SCOTT
1 UPDATE
EMP
SCOTT
AAAEtaAAEAAAAAgAAA
update "SCOTT"."EMP" set "SAL" = '800' where ROWID = 'AAAEtaAAEAAAAAgAAA';
03000000030A0000 4993413 22/10/06
21/10/06
SCOTT
1 UPDATE
EMP
SCOTT
AAAEtaAAEAAAAAgAAA
update
"SCOTT"."EMP"
set
"SAL"
=
'3000'
where
'AAAEtaAAEAAAAAgAAA';
ROWID
17
7782
7788
7839
7876
7902
7934
CLARK
SCOTT
KING
ADAMS
FORD
MILLER
MANAGER
ANALYST
PRESIDENT
CLERK
ANALYST
CLERK
7839
7566
7788
7566
7782
09/06/81
19/04/87
17/11/81
23/05/87
03/12/81
23/01/82
2450
3000
5000
1290
3000
1300
10
20
10
20
20
10
9 filas seleccionadas.
EMPNO ENAME
JOB
MGR
HIREDATE SAL
COMM DEPTNO
------------------------------------------------------------------------------------------------7788 SCOTT
ANALYST 7566
19/04/87 6500
20
7839 KING
PRESIDENT
17/11/81 6500
10
7902 FORD
ANALYST 7566
03/12/81 6500
20
SQL> select empno,job,sal from emp AS OF TIMESTAMP (SYSTIMESTAMP INTERVAL '10' MINUTE ) where job='PRESIDENT' or job='ANALYST';
EMPNO JOB
SAL
---------------------------------------7788 ANALYST
3000
7839 PRESIDENT
5000
7902 ANALYST
3000
SQL> select empno,job,sal from emp AS OF TIMESTAMP (SYSTIMESTAMP INTERVAL '5' SECOND) where job='PRESIDENT' or job='ANALYST';
EMPNO JOB
SAL
----------------------------------------7788 ANALYST
6500
18
7839 PRESIDENT
7902 ANALYST
6500
6500
6500
6500
19
3000
5000
3000
6 filas seleccionadas.
08002C00AD070000 UPDATE
5285011 5285781
SCOTT
update "SCOTT"."EMP" set "SAL" = '6500' where ROWID = 'AAAEtaAAEAAAAAgAAI';
08002C00AD070000 UPDATE
SCOTT
update
"SCOTT"."EMP"
set
'AAAEtaAAEAAAAAgAAH';
...
"SAL"
5285011
5285781
'6500'
where
ROWID
20
21
22
audit_option,success,
failure
from
23
USER_NAME
AUDIT_OPTION
SUCCESS
FAILURE
-------------------------------------------------------------------------------------ALTER USER
BY ACCESS BY ACCESS
DROP USER
BY ACCESS BY ACCESS
LOCK TABLE
BY ACCESS NOT SET
PRUEBA02
CREATE SESSION
BY ACCESS BY ACCESS
PRUEBA01
CREATE SESSION
BY ACCESS BY ACCESS
SQL>
select
user_name,
sys.dba_priv_audit_opts;
privilege,success,
failure
from
USER_NAME
PRIVILEGE
SUCCESS
FAILURE
-------------------------------------------------------------------------------------ALTER USER
BY ACCESS
BY ACCESS
DROP USER
BY ACCESS
BY ACCESS
PRUEBA01
CREATE SESSION
BY ACCESS
BY ACCESS
PRUEBA02
CREATE SESSION
BY ACCESS
BY ACCESS
24
USUARIO
TIEMPO_CONEXION PROPIE
OBJETO
ACCION
-------------------------------------------------------------------------------------PRUEBA02 15-10-006 12:15:55 SCOTT
EMP
LOCK
PRUEBA02 15-10-006 12:16:04 SCOTT
EMP
DELETE
PRUEBA02 15-10-006 12:16:29 SCOTT
EMP
DELETE
3 filas seleccionadas.
25
26
PRUEBA02
15-10-006 12:43:28
SCOTT
EMP
SESSION REC
4 filas seleccionadas.
27
GRANTEE
GRANTED_ROLE
ADM DEF
------------------------------ ------------------------------ --- --PRUEBA02
CONEXION
NO YES
28
29