日志
关于审计跟踪功能的一些补充
Profile/设置
审计线索:激活 肯定是要设的
登录:审计层 4个选项(无,用户,RESPONSIBILITY,表单),不知道有什么用
系统管理员—安全性—审计线索
安装
把启用跟踪钩上
组
把需要跟踪的表归在一个组内。
可用AuditTrail Report for Audit Group Validation请求检查设置:是否同一个表被归入多个跟踪组
表
表列均需注册才能选到,还需要注册主键和主键列(有些系统表也没有注册,oracle提供了注册的补丁),否则在运行AuditTrail Update Tables请求时会报找不到主键的错误。
如果已注册主键列,上图主关键字自动打勾(那是个非数据库字段)
应用开发员—应用产品—数据库—表
验证注册的表,列,主键
Register Primary Key:
execute ad_dd.register_primary_key('TVSN', 'TVSN_AREA_PK1', 'TVSN_AREA_ALL','TVSN_AREA_PK1', 'S', 'Y','Y');
execute ad_dd.register_primary_key_column('TVSN', 'TVSN_AREA_PK1', 'TVSN_AREA_ALL', 'AREA_ID', 5);
Note:
procedure register_primary_key
(p_appl_short_name in varchar2,
p_key_name in varchar2,
p_tab_name in varchar2,
p_description in varchar2,
p_key_type in varchar2,
p_audit_flag in varchar2,
p_enabled_flag in varchar2)
procedure register_primary_key_column
(p_appl_short_name in varchar2,
p_key_name in varchar2,
p_tab_name in varchar2,
p_col_name in varchar2,
p_col_sequence in number)
AuditTrail Update Tables 并发请求运行说明(参见示例html)
1 删除系统审计表、列信息
DELETE FROM FND_AUDIT_TABLES
DELETE FROM FND_AUDIT_COLUMNS
2 创建表(shadow table)
CREATE TABLE TVSN_AREA_ALL_A (AUDIT_TIMESTAMP DATE NOT NULL, AUDIT_TRANSACTION_TYPE VARCHAR(1) NOT NULL, AUDIT_USER_NAME VARCHAR2(100) NOT NULL, AUDIT_TRUE_NULLS VARCHAR2(250), AUDIT_SESSION_ID NUMBER NOT NULL, AUDIT_SEQUENCE_ID NUMBER NOT NULL,AUDIT_COMMIT_ID NUMBER NOT NULL, ROW_KEY NUMBER ) 3 授权APPS
GRANT ALL ON TVSN_AREA_ALL_A to APPS 4 创建同义词
CREATE SYNONYM TVSN_AREA_ALL_A for TVSN.TVSN_AREA_ALL_A 5 修改shadow table ,添加主键列(row_key)
ALTER TABLE TVSN_AREA_ALL_A ADD (ROW_KEY NUMBER)
ALTER TABLE TVSN_AREA_ALL_A ADD (AREA_ID NUMBER ) 6 再次删除审计列信息后添加审计列信息
DELETE FROM FND_AUDIT_COLUMNS C WHERE C.TABLE_APP_ID= 20003 AND C.TABLE_ID = 89939 AND C.COLUMN_ID = 815564 AND C.SCHEMA_ID = 900 INSERT INTO FND_AUDIT_COLUMNS (TABLE_APP_ID,TABLE_ID,COLUMN_ID,STATE,SEQUENCE_ID,SCHEMA_ID,LAST_UPDATE_DATE,LAST_UPDATED_BY,LAST_UPDATE_LOGIN,CREATED_BY,CREATION_DATE) VALUES ( 20003, 89939, 815564, 'K', 0, 900, SYSDATE,0,0,0,SYSDATE) 7 删除TRIGGER和PROCEDURE
DROP TRIGGER TVSN_AREA_ALL_AIDROP TRIGGER TVSN_AREA_ALL_ADDROP TRIGGER TVSN_AREA_ALL_AU DROP PROCEDURE TVSN_AREA_ALL_AIPDROP PROCEDURE TVSN_AREA_ALL_ADPDROP PROCEDURE TVSN_AREA_ALL_AUP
8 创建PROCEDURE
CREATE OR REPLACE PROCEDURE TVSN_AREA_ALL_AIPCREATE OR REPLACE PROCEDURE TVSN_AREA_ALL_ADPCREATE OR REPLACE PROCEDURE TVSN_AREA_ALL_AUP
9 创建TRIGGER
CREATE OR REPLACE TRIGGER TVSN_AREA_ALL_AI
AFTER INSERT ON TVSN_AREA_ALL FOR EACH ROW BEGIN IF fnd_global.audit_active THEN TVSN_AREA_ALL_AIP(:old.AREA_ID,:new.AREA_ID);END IF;END; CREATE OR REPLACE TRIGGER TVSN_AREA_ALL_AU AFTER UPDATE OF AREA_ID ON TVSN_AREA_ALLFOR EACH ROW BEGIN IF fnd_global.audit_active THEN TVSN_AREA_ALL_AUP(:old.AREA_ID,:new.AREA_ID);END IF;END; CREATE OR REPLACE TRIGGER TVSN_AREA_ALL_AD AFTER DELETE ON TVSN_AREA_ALL FOR EACH ROW BEGINIF fnd_global.audit_active THEN TVSN_AREA_ALL_ADP(:old.AREA_ID,:new.AREA_ID);END IF;END; 10 创建View
TVSN_AREA_ALL_AV1
TVSN_AREA_ALL_AC1
11 更新审计表信息
UPDATE FND_AUDIT_TABLES T SET T.STATE = 'E' WHERE T.TABLE_ID = 89939 AND T.TABLE_APP_ID = 20003 AND NOT EXISTS ( SELECT NULL FROM FND_AUDIT_COLUMNS C WHERE C.TABLE_APP_ID = T.TABLE_APP_ID AND C.TABLE_ID = T.TABLE_ID AND C.STATE = 'P' AND C.SCHEMA_ID != -1) 12 禁用失效的列(跟踪组)
update fnd_audit_groups g et g.state='E' where g.state = 'R' and not exists (select NULL from fnd_audit_tables t where t.audit_group_id = g.audit_group_id and t.audit_group_app_id = g.application_id and t.state != 'E') FND_AUDIT_COLUMNS F WHERE F.TABLE_APP_ID = C.TABLE_APP_ID AND F.TABLE_ID = C.TABLE_ID AND F.COLUMN_ID = C.COLUMN_ID AND F.SCHEMA_ID = D.SCHEMA_ID)
未结问题
1 本例添加、删除操作在TVSN_AREA_ALL_A表里能找到跟踪记录,修改操作没有,为什么?
2 TVSN_AREA_ALL_A
TVSN_AREA_ALL_AV1 TVSN_AREA_ALL_AC1只能记录操作的类型、用户、时间,却不支持值的变化情况,如何扩展?
3 黄建华文档里提到的MST_AUDIT_REP_EXCP.runAuditReport到底能扩展出什么用途?
SQL/Trace的补充
Tkprof 命令是Oracle 客户端的一个可执行文件,比如 在
prodora\
点名卡
救生圈
时空机
热点灯
变色卡