閱讀筆記 dbms_fga 包的使用,對錶設定審計策略

from 閱讀筆記 dbms_fga 包的使用,對錶設定審計策略

piner的文章: 
http://www.oracle.com.cn/thread-3582-1-162.html
http://www.oracle.com.cn/thread-1824-1-1.html

  使用dbms_fga包可以,審計表的Select語句,在特定的情況下，如果想跟蹤一個表的Select語句已便於優化，使用這個包是非常好的;
  對於使用綁定變量的語句也能獲取到變量值(DBA_FGA_AUDIT_TRAIL.SQL_BIND字段). DBMS_FGA包同普通審計與DML觸發器一樣，如果對過多的表進行審計，將會嚴重影響性能。

實驗:
1) 建策略:
BEGIN 
dbms_fga.add_policy( object_schema => 'CRM2', 
         object_name => 'TMP_DETAIL', 
         policy_name => 'chk_test2', 
         audit_condition => 'STATUS=3', 
         audit_column => 'STATUS', 
         enable => TRUE ,
         handler_schema => 'CRM2',
         handler_module => 'SP_CHK_MYTABLE' ); 
END; 
/

2) 建表,存儲過程 SP_CHK_MYTABLE:  
create table audit$proc (audtime date,loguser varchar2(64),audsid number, clientip varchar2(64),object_schema varchar2(64), object_name varchar2(64), policy_name varchar2(64));
CREATE or replace PROCEDURE sp_chk_mytable ( 
 p_object_schema VARCHAR2, 
 p_object_name   VARCHAR2, 
 p_policy_name   VARCHAR2) AS 
BEGIN 
 INSERT  INTO audit$proc (audtime,loguser,audsid, clientip,
     object_schema, object_name, policy_name ) 
 VALUES (sysdate,ora_login_user,userenv('SESSIONID'),
        sys_context('userenv','ip_address'),p_object_schema,p_object_name, p_policy_name ); 
        commit;
END sp_chk_mytable;

3) 
運行 select * from TMP_DETAIL where rownum<2; 觸發審覈策略;
查 audit$proc表,dba_fga_audit_trail視圖; dbms_fga包自動帶入sp_chk_mytable過程所需要的三個參數,audit$proc表的記錄正確.

--參閱sql reference 文檔,sys_context函數:
select 
sys_context('userenv','AUDITED_CURSORID'), 
sys_context('userenv','AUTHENTICATION_DATA'), 
sys_context('userenv','AUTHENTICATION_TYPE'), 
sys_context('userenv','BG_JOB_ID'), 
sys_context('userenv','CLIENT_IDENTIFIER'), 
sys_context('userenv','CLIENT_INFO'), 
sys_context('userenv','CURRENT_SCHEMA'), 
sys_context('userenv','CURRENT_SCHEMAID'), 
sys_context('userenv','CURRENT_SQL'), 
sys_context('userenv','CURRENT_USER'), 
sys_context('userenv','CURRENT_USERID'), 
sys_context('userenv','DB_DOMAIN'), 
sys_context('userenv','DB_NAME'), 
sys_context('userenv','EXTERNAL_NAME'), 
sys_context('userenv','FG_JOB_ID'), 
sys_context('userenv','GLOBAL_CONTEXT_MEMORY'), 
sys_context('userenv','HOST'), 
sys_context('userenv','INSTANCE'), 
sys_context('userenv','IP_ADDRESS'), 
sys_context('userenv','ISDBA'), 
sys_context('userenv','LANG'), 
sys_context('userenv','LANGUAGE'), 
sys_context('userenv','NETWORK_PROTOCOL'), 
sys_context('userenv','NLS_CALENDAR'), 
sys_context('userenv','NLS_CURRENCY'), 
sys_context('userenv','NLS_DATE_FORMAT'), 
sys_context('userenv','NLS_DATE_LANGUAGE'), 
sys_context('userenv','NLS_SORT'), 
sys_context('userenv','NLS_TERRITORY'), 
sys_context('userenv','OS_USER'), 
sys_context('userenv','PROXY_USER'), 
sys_context('userenv','PROXY_USERID'), 
sys_context('userenv','SESSION_USER'), 
sys_context('userenv','SESSION_USERID'), 
sys_context('userenv','SESSIONID'), 
sys_context('userenv','TERMINAL') ,
SYS_CONTEXT('USERENV','ENTRYID')
from dual;

p.s.

   以上實驗帶入 handler_module 的情況會造成表裏面的status=3的記錄都查詢不到的情況,大致判斷是查詢語句跑進 過程裏面去了. 現象是status=3的記錄都被屏蔽了,去掉 handler_module 參數後正常.