注意:开启FGA精细化审计后,无法对表进行列级钱包加密,需要先禁用FGA审计策略,开启加密后,再启用FGA审计策略
begin
dbms_fga.add_policy(object_schema => 'xxwip', --schema名(默认当前操作用户)
object_name => 'ben_audit', --被操作object对象
policy_name => 'ben_audit_fga', --policy名(唯一)
audit_condition => NULL,
audit_column => NULL, --监视的字段(默认为全部)
handler_schema => NULL,
handler_module => NULL,
enable => TRUE,
statement_types => 'select,insert,update,delete', --受影响的操作
audit_trail => dbms_fga.DB_EXTENDED, --默认值
audit_column_opts => dbms_fga.ANY_COLUMNS); --默认值
end;
begin
dbms_fga.add_policy(object_schema => 'ORACHEN',
object_name => 'T1',
policy_name => 'fga_orachen_t1',
audit_condition => NULL,
audit_column => NULL,
handler_schema => NULL,
handler_module => NULL,
enable => TRUE,
statement_types => 'select,insert,update,delete',
audit_trail => dbms_fga.DB_EXTENDED,
audit_column_opts => dbms_fga.ANY_COLUMNS);
end;
exec DBMS_FGA.DISABLE_POLICY(object_schema => 'ORACHEN',object_name => 'T1',policy_name => 'fga_orachen_t1' );
exec DBMS_FGA.ENABLE_POLICY(object_schema => 'ORACHEN',object_name => 'T1',policy_name => 'fga_orachen_t1',enable => TRUE );
--批量查询脚本
select 'exec DBMS_FGA.DISABLE_POLICY(object_schema => '''||object_schema||''''||',object_name => '''||object_name||''''||',policy_name => '''||policy_name||''''||');' from dba_audit_policies;
select policy_name,enabled,object_name,policy_owner from dba_audit_policies;