最近经常遇到等保需求,需要打开审计并定期清理
1、打开审计配置
SQL> alter system set audit_sys_operations=true scope=spfile;
SQL> ALTER SYSTEM SET audit_trail=DB,EXTENDED SCOPE=SPFILE;
重启后生效
2、配置保留180天,并定期清理
SQL>
variable job number;
begin
sys.dbms_job.submit(job => :job,
what => 'delete /*+ NOLOGGING */ sys.aud$ where trunc(NTIMESTAMP#) <= sysdate - 180;
commit;',
next_date => to_date('2023-07-20 00:00:00', 'yyyy-mm-dd hh24:mi:ss'),
interval => 'sysdate+30');
commit;
end;
/
查看JOB
set pagesize 199 linesize 199;
col WHAT for a50;
select JOB,LOG_USER,WHAT,NEXT_DATE from dba_jobs where LOG_USER='SYS';
删除JOB
exec dbms_job.remove(63); -- 根据实际情况调整