Jephe Wu - http://linuxtechres.blogspot.com
Objective: create DDL trigger on database to audit all DDL statement.
Environment: CentOS 5.5 64bit, Oracle 11g 64bit
Steps:
1. create a separate tablespace and user called audittrail
2. create trigger on database, record all ddl log to audittrail user ddl_log table.
Trigger:
1. filter _TMP table in JEPHE schema
2. create the following trigger in sys schema
CREATE TABLE audittrail.DDL_LOG
(
USER_NAME VARCHAR2(30 BYTE),
DDL_DATE DATE,
DDL_TYPE VARCHAR2(30 BYTE),
OBJECT_TYPE VARCHAR2(25 BYTE),
OWNER VARCHAR2(30 BYTE),
OBJECT_NAME VARCHAR2(128 BYTE),
CLIENT_USER VARCHAR2(40 BYTE),
MACHINE VARCHAR2(40 BYTE)
);
CREATE OR REPLACE TRIGGER DDL_LOG AFTER DDL ON DATABASE
DECLARE
MACHINE VARCHAR2(400);
OSUSER VARCHAR2(40);
IPINFO VARCHAR2(30);
IP1 VARCHAR2(30);
NO1 NUMBER(1);
erno NUMBER;
ermsg VARCHAR2(1500);
USER_INFO VARCHAR2(50);
SIDINFO VARCHAR2(50);
Host_name VARCHAR2(50);
USER_NAME VARCHAR2(25);
MACHINE_NAME VARCHAR2(40);
BEGIN
SELECT sys_context('USERENV','IP_ADDRESS') INTO IPINFO FROM DUAL;
SELECT SYS_CONTEXT('USERENV','TERMINAL') INTO MACHINE FROM DUAL;
SELECT sys_context('USERENV','OS_USER') INTO OSUSER FROM DUAL;
ermsg:=SUBSTR(ora_dict_obj_name,LENGTH(ora_dict_obj_name)-3,LENGTH(ora_dict_obj_name));
if ora_dict_obj_owner= 'JEPHE' AND upper(ermsg) = '_TMP'
then
null;
else
INSERT INTO audittrail.ddl_log VALUES(ora_login_user,SYSDATE,ora_sysevent,ora_dict_obj_type,ora_dict_obj_owner,ora_dict_obj_name,OSUSER,MACHINE);
END IF;
END;
/
skip to main |
skip to sidebar
Total Pageviews
Posts
Bookmark
Search This Blog
Followers
keywords
oracle
mysql
clone
db2
linux
apache
lvm
rman
zabbix
RIP
hp
ms sql
openldap
openssl
ssh
Oracle VM
percona
expdp
freebsd
impdp
logshipping
pf
backup and restore
centos
dd
ilo
performance tuning
putty
snmp
vmware
vnc
NFS
RAC
ansible
aws
bash
cisco
cognos
dns
email
iscsi
ldap
nc
netapp
openssh
rsync
socat
tomcat
traceroute
udev
vsp
windows
FAQ
LUN
RHN
acl
awr
bonding
chage
chroot
clustering
clusterware
controlfile
dataguard
dbforbix
firewall
gmirror
gpg
grub
icmp
initrd
ipsec
iptables
kickstart
kpartx
leputty
mss
mtu
multipath
ntfs
ntfs-3g
ntfsclone
ntfsresize
ntp
oracle installation
partition
pga
raid
replicate
resize2fs
restore
screen
sendmail
serial console
serial port
setfacl
sftp
shrink
snapshot
snmptrap
sparse
sql server
sqldeveloper
ssl certificate
sssd
sudosh
tcptraceroute
telnet
tshark
ulimit
virtualization
vmstat
vpn
xfs
zmodem
63s
ASM
Amazon
DMS
DNSSEC
DR
EVA
MBR
MariaDB
OEL
ORA-03135
ORA-3135
Oracle Linux
RDS
SAM
SQL ALG
TSIG
VIM_VCDB
X port forwarding
ack
adcli
addm
alter session
amm
archive log
asmi
audittrail
awk
base64
bdb
best practice
bind
bios
blat
bostion
bsd
cable modem
carp
cd copy
certificate
checkpoint
chntpw
chrony
citidirect
console
core dump
corkroo
cpio
cpu
crs
cups
cygwin
datafile corruption
db2advis
dbua
ddclient
ddl
ddrescue
deflate
delegation
delete
dhcp
disaster recovery
disown
drac
dyndns
ebs
ec2
em
emctl
epel
erase
export
fdisk
foreman
fsck
ftp
ftp-proxy
fuser
getent
getfacl
gmail
gpart
halt
hardware
hugepage
hvm
ibm
import
innobackupex.
innodb
iops
ipmi
keepalive
kerberos
keystore
keytool
kvm
limits.conf
listener
load balancing
lockwait
logshiping
loop
lsof
lvextend
mailsend
map drive
md5sum
mdadm
mime
minicom
mmm
mmm2
mod_proxy
mount
mount options
movie
mp3
mrtg
msmtp
mtr
mutt
mwm
mysql-proxy
mysqldump
nagios
nat
netstat
network
networkmanager
nohup
ntop
ocr
octopussy
offset
opatch
openbsd
oracke
oracle names
oracle-validated
oradim
ossec
ovm
p5
packet loss
padsize
pageant
partprobe
partx
password
pfile
php
phpldapadmin
ping
pip
pmtu
port forwarding
poweroff
proxyarp
proxytunnel
pscp
psk
psp
pstree
pt-table-checksum
pvm
pvresize
qmail
qwinsta
racoon
ramfs
rbsu
rdr
readonly
realm
reboot
recover
remi
reset password
resize
resolv.conf
resource manager
rhel
rhn_register
rhnreg_ks
rmmod
rpm
rsa
rsyslog
rwinsta
scn
secure delete
security group
selinux
session cookie
setsid
sfdisk
shred
shutdown
size
smo
snapdrive
snapmanager
snare
socks
spfile
sql server management studio
sqlplus
squid
ssl
ssms
ssmtp
static-route
statistics
storage
stty
su
sudo
swap
swatch
syn
synonym
syslog-ng
sysman
tablespace
tar
tcp
tcpdump
terminal services
thunderbird
tiger
time since last restore
timeout
timestamp
timezone
tls
tmpfs
toad
trace
tracetcp
trigger
ttyS0
twm
undelete
undo
upgrade
uptime
usermod
validate
vcenter
verisign
vi
virt-manager
virtio
virtualbox
vlm
vpc
wget
winrm
wireless
wireshark
wscale
xauth
xhost
xtrabackup
yum
All Posts
-
▼
2010
(75)
-
▼
December
(8)
- Oracle DDL Trigger on Database
- Linux Clustering Concept
- How to use LVM snapshot to clone CentOS 5 server
- How to use ntop and proxyarp to monitor network t...
- How to access office server and admin desktop from...
- How to mount ntfs partition under CentOS
- How to map ftp/sftp drive for remote server from W...
- How to troubleshoot packet loss and latency for In...
-
▼
December
(8)
About me
Linux SysAdmin with 20+ years experience, Oracle/MySQL DBA, RHCE