Veysi Gunay's ORACLE BLOG: April 2014

Oracle Database Audit Trail Security

This article presents Oracle Audit Trail,I will demonstrate how to enable and set audit options.

We all DBA have to set database at security level, because the company doesn’t risk any problems and may not trust users. That’s why one of the best useful Oracle security tool is Audit Trail.

SQL> show parameter audit trail

NAME TYPE VALUE

---------------------------- ----------- ----------------------------

audit_file_dest string u01/app/oracle/admin/orcl/adump

audit_sys_operations boolean FALSE

audit_syslog_level string

audit_trail string NONE

Now lets make Audit Trail by basic Alter Command.

SQL> alter system set audit_sys_operations=TRUE scope=SPFILE;

System altered.

SQL> alter system set audit_trail=db_extended scope=SPFILE;

System altered.

Now close the database to set our changes

SQL> shutdown immediate;

Database closed.

Database dismounted.

ORACLE instance shut down.

SQL> startup;

ORACLE instance started.

Total System Global Area 238530560 bytes

Fixed Size 1335724 bytes

Variable Size 155192916 bytes

Database Buffers 79691776 bytes

Redo Buffers 2310144 bytes

Database mounted.

Database opened.

Now check it again

SQL> show parameter audit trail

NAME TYPE VALUE

--------------------------- ----------- ------------------------------

audit_file_dest string /u01/app/oracle/admin/orcl/adump

audit_sys_operations boolean TRUE

audit_syslog_level string

audit_trail string DB_EXTENDED

Okay, its ready to use AUDIT TRAIL. Lets do some examples.

First give the user some privileges then give the user some object privileges

SQL> Audit create any table,drop any table by VEYSI by ACCESS;

Audit succeeded.

Now create Audit table on Veysi User.

SQL> create table audit_vey ( id number(10) );

Table created.

I check my tables for using.

SQL> SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='VEYSI';

TABLE_NAME

------------------------------

VEY_VEY

TBL_READ_ONLY

STUDENT

FLSHBCK_DB_TEST

AUDIT_VEY

REDEF_TAB2

REDEF_TAB

TB1_VEY1

TABLE1

TABLE_NAME

------------------------------

TAB1_2_LOG

TAB2

TAB1

14 rows selected.

Lets use the student table.

SQL> select * from student;

ID NAME SURNAME

---------- ---------- ----------

1 veysi gunay

2 elcin mustafayev

I have this example table. Now I'm gonna change something.

SQL> insert into student (id,name) values (3,'mustafa');

1 row created.

SQL> update student set surname='pasa' where id=2;

1 row updated.

SQL> commit;

Commit complete.

SQL> select * from student;

ID NAME SURNAME

---------- ---------- ----------

3 mustafa

1 veysi gunay

2 elcin pasa

Okay,Now connect as SYS admin and check the audit trail.

SQL> COLUMN user_name FORMAT A10

SQL> COLUMN action_name FORMAT A10

SQL> COLUMN object_name FORMAT A10

SQL> COLUMN sql_text FORMAT A35

SQL>SELECT username,obj_name,action_name, sql_tex FROM dba_audit_trail 2 WHERE username = 'VEYSI' 3 ORDER BY timestamp; USERNAME OBJ_NAME ACTION_NAME SQL_TEXT-------- ---------- ------------ -------------------------------------VEYSI AUDIT_TEST CREATE TABLE create table audit_vey (id number)

VEYSI STUDENT SELECT select * from student

VEYSI STUDENT INSERT insert into student (id,name) values (3,'mustafa')

VEYSI STUDENT UPDATE update student set surname='pasa' where id=2

VEYSI STUDENT SELECT select * from student

As you See The Audit Table get the action of Veysi user on the table student. I hope it would useful.

Data Recovery Advisor Oracle 11g

This article present Oracle 11g new features data recovery advisor. As we all DBA know there are a lot of problems occur to be resolved, So Oracle gift us easy and perfect way to find our errors, advise to solve and the best thing automatic repair failures.

At this scenario I will do a example to be useful post.

First i'll delete a .dbf BE CARE FULL!!

Check there is no failure.

RMAN> LIST FAILURE;

using target database control file instead of recovery catalog

no failures found that match specification..

i deleted /u01/app/my_tbs.dbf

[oracle@ora ~]$ cd /u01/app/

[oracle@ora app]$ ls –l

total 8996

drwxrwxr-x 12 oracle oinstall 4096 Feb 28 19:43 oracle

drwxrwxr-x 5 oracle oinstall 4096 Feb 22 18:31 oraInventory

-rw-r----- 1 oracle oinstall 9183232 Apr 10 18:25 users01.dbf

drwxrwxr-x 2 root root 4096 Feb 23 17:30 veysideneme

Now start up our database and see the error.

SQL> startup;

ORACLE instance started.

Total System Global Area 238530560 bytes

Fixed Size 1335724 bytes

Variable Size 155192916 bytes

Database Buffers 79691776 bytes

Redo Buffers 2310144 bytes

Database mounted.

ORA-01157: cannot identify/lock data file 14 - see DBWR trace file

ORA-01110: data file 14: '/u01/app/my_tbs.dbf'

So you see there is no “MY_TBS.DBF”that’s why I couldn’t opened the database.

Now the game of RMAN J

RMAN> list failure;

using target database control file instead of recovery catalog

List of Database Failures

=========================

Failure ID Priority Status Time Detected Summary

---------- -------- --------- ------------- -------

360 HIGH OPEN 10-APR-14 One or more non-system datafiles are missing

As Rman show as information of missing file. So get the advise of my bro RMAN J

RMAN> advise failure;

List of Database Failures

=========================

Failure ID Priority Status Time Detected Summary

---------- -------- --------- ------------- -------

360 HIGH OPEN 10-APR-14 One or more non-system datafiles are missing

analyzing automatic repair options; this may take some time

allocated channel: ORA_DISK_1

channel ORA_DISK_1: SID=21 device type=DISK

analyzing automatic repair options complete

Mandatory Manual Actions

========================

no manual actions available

Optional Manual Actions

=======================

1. If file /u01/app/my_tbs.dbf was unintentionally renamed or moved, restore it

Automated Repair Options

========================

Option Repair Description

------ ------------------

1 Restore and recover datafile 14

Strategy: The repair includes complete media recovery with no data loss

Repair script: /u01/app/oracle/diag/rdbms/orcl/orcl/hm/reco_755524553.hm

Ahaa! My bro show me a script and let me check it.

RMAN> repair failure preview;

Strategy: The repair includes complete media recovery with no data loss

Repair script: /u01/app/oracle/diag/rdbms/orcl/orcl/hm/reco_755524553.hm

contents of repair script:

# restore and recover datafile

restore datafile 14;

recover datafile 14;

So, I have to restore the datafile 14. My bro “RMAN” is ready for it don’t worry J

RMAN> Repair failure;

Strategy: The repair includes complete media recovery with no data loss

Repair script: /u01/app/oracle/diag/rdbms/orcl/orcl/hm/reco_755524553.hm

contents of repair script:

# restore and recover datafile

restore datafile 14;

recover datafile 14;

Do you really want to execute the above repair (enter YES or NO)? yes

executing repair script

Starting restore at 10-APR-14

using channel ORA_DISK_1

creating datafile file number=14 name=/u01/app/my_tbs.dbf

restore not done; all files read only, offline, or already restored

Finished restore at 10-APR-14

Starting recover at 10-APR-14

using channel ORA_DISK_1

starting media recovery

……………………………………….

media recovery complete, elapsed time: 00:00:15

Finished recover at 10-APR-14

repair failure complete

Do you want to open the database (enter YES or NO)? yes

database opened

RMAN>

Okay, Now my database is opened and let me check the file is came back or not!

[oracle@ora ~]$ ls -l /u01/app/

total 111508

-rw-r----- 1 oracle oinstall 104865792 Apr 10 18:49 my_tbs.dbf

drwxrwxr-x 12 oracle oinstall 4096 Feb 28 19:43 oracle

drwxrwxr-x 5 oracle oinstall 4096 Feb 22 18:31 oraInventory

-rw-r----- 1 oracle oinstall 9183232 Apr 10 18:49 users01.dbf

drwxrwxr-x 2 root root 4096 Feb 23 17:30 veysideneme

Ohhh! I'm glad to use my bro RMAN J So, coffee break!

Veysi Gunay's ORACLE BLOG

A Oracle DBA's BLOG

Wednesday, April 16, 2014

Oracle Database Audit Trail Security

Oracle Database Audit Trail Security

Thursday, April 10, 2014

Data Recovery Advisor Oracle 11g

Data Recovery Advisor Oracle 11g