Have you ever had to answer questions like, “This data does not look right. Could we find out who changed it and when? How did they change it? What was there before the change? How do we fix it back?” If so, this article will give you a quick start in the right direction. It really is possible to find out the answers to these questions, and not that difficult.
I have used these principles on all types of systems in production today, on Unix (AIX, HP-UX, Sun Solaris, Linux) and Windows (NT, 2000) servers, on Oracle 8.x, 8i, 9i. The techniques I'm going to cover require some knowledge of Oracle and some experimentation. However, samples are provided that should help you to get
Oracle Log Miner
Most DBAs would not want to enable the Oracle auditing, as there is a visible impact on space consumption and especially performance (some authors report a 10 — 20 percent performance loss for significant auditing). However, transaction information is recorded in the redo logs (on line and archives) and, starting with version 8.1.5, Oracle supports log mining. LogMiner can be run on the redo log producing (source) database or on an analyzing (miner) database.
Some restrictions of LogMiner:
It is only available in Oracle version 8.1 or later
It can only analyze redo log files (online or archived) from 8.0 or later databases
Oracle7 has a different format of the redo log files, so this version cannot be log mined
The same hardware platform must be on both databases
The same database character set must be on both databases
The same database block size must be on both databases
The dictionary file can only be created in a directory included in parameter UTL_FILE_DIR in file INIT.ORA
LogMiner does not support file access across database links, so dictionary files and redo logs must be moved to the machine hosting the analyzing instance.
LogMiner 8i does not support operations on:
data types LONG and LOB
non-scalar data types
simple and nested abstract data types (ADTs)
collections (nested tables and VARRAYS)
Object Refs
Index Organized Tables (IOTs)
clustered tables/indexes
chained rows
direct path inserts, even though such operations are logged
精品推荐