I want to activate an audit operation on a table or two in my oracle db,
and for that I need to set the audit parameters.
alter system set AUDIT_SYS_OPERATIONS=true scope=spfile;
alter system set AUDIT_TRAIL=db, extended scope=spfile;
But those parameters not realy changed becuase startup of DB is needed.
Is there a way to skip over the startup to apply those changes?
This is realy important DB in production Env, and startup is almost-impossible.
Thank you.
If you just want to enable auditing on a selected objects then you can do it without bouncing your database instance. Audit trail is set to DB by default.
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest string /u01/app/oracle/admin/orcl/adu
mp
audit_sys_operations boolean FALSE
audit_syslog_level string
audit_trail string DB
All you need to do is to enable required auditing on that object.
SQL> conn jay
Enter password:
Connected.
SQL> audit select on my_table;
Audit succeeded.
SQL> conn system
Enter password:
Connected.
SQL> select * from jay.my_table;
no rows selected
Audit information can be accessed from USER_AUDIT_OBJECT view.
SQL> conn jay
Enter password:
Connected.
SQL> select username, action_name from user_audit_object where obj_name='MY_TABLE';
USERNAME ACTION_NAME
------------------------------ ----------------------------
SYSTEM SESSION REC
However, if you need to enable auditing for sysdba/sysoper privileged users such as sys then you need to set audit_sys_operations parameter to true which in turn requires database shutdown.
Moreover, if you are using Oracle 12c then AUDIT_SYS_OPERATIONS is set to true by default.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production
SQL> show parameter audit
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest string /u01/app/oracle/admin/orcl/adump
audit_sys_operations boolean TRUE
audit_syslog_level string
audit_trail string DB
you cant use it with no startup
look this (Auditing Administrative Users)
Related
I enabled auditing on my Oracle XE server via the following run by the sys user:
SQL> ALTER SYSTEM SET audit_sys_operations=true SCOPE=spfile;
SQL> ALTER SYSTEM SET audit_trail=XML,EXTENDED SCOPE=spfile;
SQL> SHUTDOWN IMMEDIATE
SQL> STARTUP
When I run queries as the sys user, an xml file records the queries in the default location (e.g., /u01/app/oracle/admin/XE/adump/xe_ora_2339_1.xml). However, if I run a query as a different user (e.g., test_user), no updates occur in any of the files in the adump directory.
I've confirmed that the parameter is set for the test_user:
SQL> show parameter audit;
NAME TYPE VALUE
------------------------ ------- ------------------------------
audit_file_dest string /u01/app/oracle/admin/XE/adump
audit_sys_operations boolean TRUE
audit_syslog_level string
audit_trail string XML, EXTENDED
I also tried restarting my sqlplus session (i.e., reconnecting with the test_user), as well as disabling audit_sys_operations, and the issue remains.
Version info: Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production (via this docker image).
My issue was that, in addition to enabling auditing, I also needed to specify what to audit with the AUDIT command. In my case, I wanted everything, so I added the following (commands mentioned in this tutorial):
SQL> AUDIT ALL; # note: it seems like the next two statements would be included with "all", but I didn't verify this.
SQL> AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE;
SQL> AUDIT EXECUTE PROCEDURE;
Note that with AUDIT_TRAIL=XML,EXTENDED (and maybe all the file-based auditing settings?), it looks there is some buffering of writing the XML file, as I didn't get a query showing up until my test user disconnected, so if you are missing a log entry, try logging the user out to see if it shows up.
I was under the impression that when one uses the ALTER SYSTEM statement, the new setting is in effect as long as the instance is up / database is mounted:
https://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_2013.htm#SQLRF00902
After a reboot the setting should revert to its old value.
I have done the below change, shut down and started the instance back up and the new setting is still in effect. Any ideas?
SQL> show parameter SEC_CASE_SENSITIVE_LOGON
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
sec_case_sensitive_logon boolean TRUE
SQL> ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE;
System altered.
-------Restarted the database---------------------------
SQL> ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = FALSE;
System altered.
In that link you provided, you have to look for the SCOPE parameter. By default is Both, if you're using SPFILE (which is the most common), means it will save on the SPFILE and change in memory as well.
Hugepage and SGA change require reboot.
su - oracle
sqlplus / as sysdba
alter system set memory_max_target=11520m scope=spfile;
--assuming an spfile is used
alter system set memory_target=11520m scope=spfile;
--assuming an spfile is used
shutdown the DB
start the DB
I have a Oracle stored procedure that queries data through database link, sometimes it takes a while, and got Oracle error as below:
ORA-02399: exceeded maximum connect time, you are being logged of
Is there any way to reconnect the database link if it got disconnected?
Thank you for the help
If you have SYSDBA access you can give a try with increasing the CONNECT_TIME parameter in DEFAULT profile( You can also create your own profile and do the following. I am considering only default profile). See below steps:
SQL> conn / as sysdba
Connected.
SQL> alter profile default
2 limit connect_time 10 --10 refers to 10 minutes
3 /
Profile altered.
Set RESOURCE_LIMIT to TRUE so that limits would be enforced:
SQL> alter system set resource_limit = true
2 /
System altered.
SQL>
Then give DEFAULT profile to the user(Like Scott) you are using to connect Oracle Session.
SQL> alter user SCOTT profile DEFAULT;
User altered.
SQL> grant create session to SCOTT
2 /
Grant succeeded.
The oracle verify function includes a setting which checks for the distance of the last passsword. ora12c_verify_function:
-- Check if the password differs from the previous password by at least
-- 3 characters
IF old_password IS NOT NULL THEN
differ := string_distance(old_password, password);
IF differ < 3 THEN
raise_application_error(-20010, 'Password should differ from the '
|| 'old password by at least 3 characters');
END IF;
END IF ;
RETURN(TRUE);
END;
Why it is possible to change the password with only one different character?
Connected to:
Oracle Database 12c Standard Edition Release 12.1.0.2.0 - 64bit Production
SQL> ALTER USER TEST PROFILE DEFAULT;
SQL> ALTER PROFILE default LIMIT PASSWORD_VERIFY_FUNCTION ora12c_verify_function;
SQL> alter user test identified by "123456789_abc!";
User altered.
SQL> alter user test identified by "123456789_abc!";
alter user test identified by "123456789_abc!"
*
ERROR at line 1:
ORA-28007: the password cannot be reused
SQL> alter user test identified by "123456789_abcd!";
User altered.
I found the soultion on Oracle Support Doc ID 816932.1. The issue is related to the fact that the ALTER USER privilege does not require the user to know the old password, so consequently it will not check this old password when this privilege is used. Without the privilige the user needs to supply the old password with the REPLACE command.
ALTER USER SCOTT IDENTIFIED BY NEWPASSWORD REPLACE TIGER;
I am unable to add more than 200 datafiles in my database because of these parameters:
select records_total from v$controlfile_record_section where type = 'DATAFILE';
select value from v$parameter where name = 'db_files';
Both of these give me an output of 200. I need to increase this to 400 so I have tried:
alter system set records_total = 400 where name = 'db_files';
alter system set value= 400 where type = 'DATAFILE';
but I am getting
S
QL Error: ORA-02065: illegal option for ALTER SYSTEM
02065. 00000 - "illegal option for ALTER SYSTEM"
*Cause: The option specified for ALTER SYSTEM is not supported
*Action: refer to the user manual for option supported
Am I able to change these parameters and how?
You probably want to use commands like this:
C:\Users\jonearles>sqlplus / as sysdba
SQL*Plus: Release 12.1.0.2.0 Production on Fri Jul 10 13:07:16 2015
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL> show parameter db_files
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
db_files integer 200
SQL> alter system set db_files=400 scope=spfile;
System altered.
SQL> shutdown immediate
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup
ORACLE instance started.
Total System Global Area 1048576000 bytes
Fixed Size 3053584 bytes
Variable Size 662702064 bytes
Database Buffers 377487360 bytes
Redo Buffers 5332992 bytes
Database mounted.
Database opened.
SQL> show parameter db_files
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
db_files integer 400
SQL>
This assumes you are using an SPFILE (or else you will need to manually edit the init.ora file and restart) and you are not using RAC (or else you will need to use a command like srvctl stop database -d my_sid).
As ditto mentioned, it can help to look at the ALTER syntax. It may also help to look at the Oracle Database Reference, which will tell you if the command is dynamic (meaning it can be run without restarting the database).