数据库审计是数据库安全的重要组成部分。
例如,想要分析几年前的某个请求如何影响一些表,可以使用数据库审计信息获取所需的分析报告。
For example, if you need to analyze how a given request that happened a few years back affected some tables, you can now use the database audit information to obtain what you need for that analysis.
然而传统的数据库审计系统往往只是一个简单的日志系统,而并不具备对日志进行分析的能力。
But the traditional database audit system is always only a simple log system without the ability of analyzing the log records.
探测器在操作系统内核级上监视所有数据库事务,包括特权用户的事务,而不依赖于数据库审计日志。
The probes monitor all database transactions, including those of privileged users, at the operating system kernel level without relying on database audit logs.
提出了一种数据库入侵检测模型,利用该模型对数据库审计信息进行挖掘,以发现代表合法用户典型行为的用户轮廓。
This paper presents a model of database intrusion detection system, which USES data mining on the audit data in database systems to derive user profiles that describe normal behavior of users.
如果我们想写入数据库外部的一个文件,或者发送一个消息队列上的审计记录,又该如何做呢?
What if we want to write to a file outside the database or send the auditing record on a message queue?
如果该子句未指定任何内容,那么可以提取来自实例中任何数据库的审计记录。
If you do not specify anything for this clause, audit records from all databases in the instance are eligible for extraction.
如果您还希望记录搜索以便进行审计,该模块将与数据库抽象模块一起使用。
If you also want to log the searches for audit, this module will work with the database-abstraction module.
我们建议把这些审计表放在单独的表空间中,定期使用一般的数据库方法存档这些数据。
We recommend to put these audit tables in a separate table space and to archive those data regularly using general database methods.
表1列出了可以审计的不同类型的数据库事件,并描述了审计记录是何时生成的。
Table 1 lists the different types of database events that can be audited and describes when an audit record is generated.
还有审计方面的改进,允许重放以前的数据库活动。
There are also auditing improvements that allow for the replay of past database activities.
审计功能可以监控不同类型的数据库事件,您可以指定只记录成功的事件还是只记录失败的事件,或者两种事件都记录。
The audit facility can monitor different types of database events and you can specify whether only successful or failed events, or both, should be logged.
对于业务过程和人工任务,可以把事件发送到BPC数据库中特定的审计日志表。
For business processes and human tasks, there is the option to send events to specific audit log tables within the BPC database.
审计功能可以监视不同类型的数据库事件。
The audit facility can monitor different types of database events.
某些应用程序需要了解特定时间范围内的数据库更新,以便进行数据复制、场景审计等等。
Some applications need to know database updates for certain time ranges, which may be used for replication of data, auditing scenarios, and so forth.
由此审计扩展应用程序使用的数据库的连接细节。
Connection details for the database used by the audit extension application.
它可以生成对一系列预定义的数据库事件的审计跟踪,并允许dba维护审计跟踪。
It generates and allows a DBA to maintain an audit trail for a series of predefined database events.
幸运的是,DB 2附带了一个审计工具,该工具可以生成一个DBA,并允许DBA维护一系列预定义数据库事件的审计追踪。
Fortunately, DB2 comes with an auditing facility that generates and allows a DBA to maintain an audit trail for a series of predefined database events.
作为一项最佳实践,应该对数据库执行随机安全审计。
As a best practice, perform random security audits on your database.
最后一步是帮助强制使用统一的审计字段名称,并确保数据库实体具有这些字段。
The final step is a way to help enforce the names of the audit fields and to ensure that the database entities have those fields.
如图所示,审计功能运行在实例级,为实例中的所有数据库服务。
As the figure shows, the audit facility operates at the instance level servicing all databases in the instance.
解决方案还提供漏洞评估和配置审计功能,让 DBA 可以直接评估数据库的安全性。
The solution also provides vulnerability assessment and configuration-auditing capabilities that enable DBAs to directly evaluate the security of their databases.
在审计期间,SAM来到数据库服务器,并完成登录。
During the auditing period, SAM walks over to the database server and logs in.
前面介绍的row类型和UDF相关知识表明,可以创建一个可用于您的数据库中的任意表的审计函数。
With what we just learned about ROW types and UDFs, we can see that it is possible to create an auditing function that can be used for any tables in your database.
在审计期间,用户SAM走向数据库服务器,然后登录。
During the auditing period, the user SAM walks over to the database server and logs in.
基本审计是以数据库为中心的应用程序中的常见特性之一。
Basic auditing is a common feature in database-centric applications.
现在,我们可以编写do_auditing 1 “C”流程来提供数据库修改审计。
We can now write the do_auditing1 "c" procedure to provide the database modifications auditing.
审计缓冲区大小(audit _ buf_sz):该参数指定审计数据库时使用的缓冲区的大小。
Audit buffer size (audit_buf_sz) : This parameter specifies the size of the buffer used when auditing the database.
Guardium审计和遵从性解决方案提供自动化的审计,能够保护重要数据库,支持治理策略的统一执行。
The Guardium solution for audit and compliance provides automated auditing that secures high-value databases and enables consistent execution of governance policies.
使用DgDiscover,DBAs能够审计它们的数据库环境,并在整个企业内快速确定敏感信息的位置。
With DgDiscover, DBAs can audit their database environment and quickly determine where sensitive information resides throughout the enterprise.
应用推荐