Oracle 参数 AUDIT_SYSLOG_LEVEL 官方解释，作用，如何配置最优化建议

本站中文解释

AUDIT_SYSLOG_LEVEL是Audit Vault和Database Firewall中用于控制syslog消息级别的参数。该参数可以控制标准audit_syslog输出消息级别，允许被记录的日志消息类型可以被定制。

可用的参数范围有：

• 0(EMERGENCY)：表示紧急情况，系统操作将受到影响和崩溃，所有用户将立即受到影响;
• 1(ALERT)：表示需要立即采取行动;
• 2(CRITICAL)：表示重要情况，表现为严重性问题，当前操作受阻;
• 3(ERROR)：表示错误，仍然允许操作继续进行，但是对系统性能或功能有限制;
• 4(WARNING)：表示存在潜在风险，但仍不影响系统性能或功能;
• 5(NOTICE)：表示重要情况，但不会产生严重影响;
• 6(INFORMATIONAL)：表示提示信息，比如信息服务的启动和停止;
• 7(DEBUG)：表示调试信息，用于调试目的;

正确设置Oracle参数AUDIT_SYSLOG_LEVEL的方法如下：

1.登录到目标数据库，使用SQL*Plus命令窗口;
2.使用 alter system set audit_syslog_level= scope=spfile’语句设置audit_syslog_level值，其中为您想设置的日志级别，可以是0-7范围内的任何值;
3.使用 shutdown immediate 语句关闭当前的数据库实例;
4.使用 startup 语句重新启动数据库实例;
5.使用 show parameter audit_syslog_level 命令检查参数是否已成功设置。

官方英文解释

AUDIT_SYSLOG_LEVEL allows SYS and standard OS audit records to be written to the system audit log using the SYSLOG utility.

facility_clause::=

{ USER | LOCAL[0 | 1 | 2 | 3 | 4 | 5 | 6 | 7] | SYSLOG | DAEMON | KERN | MAIL | AUTH | LPR | NEWS | UUCP | CRON }

priority_clause::=

{ NOTICE | INFO | DEBUG | WARNING | ERR | CRIT | ALERT | EMERG }

Note:

This parameter is effective when using traditional auditing. Traditional auditing is deprecated in Oracle Database 21c. Oracle recommends that you instead use unified auditing, which enables selective and more effective auditing inside Oracle Database.

See Oracle Database Upgrade
Guide for more information about migrating to unified auditing.

In an Oracle database that has migrated to unified auditing, the setting of this parameter has no effect.

If you use this parameter, it is best to assign a file corresponding to every combination of facility and priority (especially KERN.EMERG) in syslog.conf . Sometimes these are assigned to print to the console in the default syslog.conf file. This can become annoying and will be useless as audit logs. Also, if you use this parameter, it is best to set the maximum length of syslog messages in the system to 512 bytes.

Note:

Audit records written to the system audit log could get truncated to 512 bytes, and different parts of the same audit record may not be joined to get the original complete audit record.

See Also:

Oracle Database Security
Guide for information about configuring syslog auditing

If AUDIT_SYSLOG_LEVEL is set and SYS auditing is enabled (AUDIT_SYS_OPERATIONS = TRUE), then SYS audit records are written to the system audit log. If AUDIT_SYSLOG_LEVEL is set and standard audit records are being sent to the operating system (AUDIT_TRAIL = os), then standard audit records are written to the system audit log.

In a CDB, the scope of the settings for this initialization parameter is the CDB. Although the audit trail is provided per PDB in a CDB, this initialization parameter cannot be configured for individual PDBs.

我想要获取技术服务或软件
服务范围：MySQL、ORACLE、SQLSERVER、MongoDB、PostgreSQL 、程序问题
服务方式：远程服务、电话支持、现场服务，沟通指定方式服务
技术标签：数据恢复、安装配置、数据迁移、集群容灾、异常处理、其它问题

本站部分文章参考或来源于网络，如有侵权请联系站长。
数据库远程运维 Oracle 参数 AUDIT_SYSLOG_LEVEL 官方解释，作用，如何配置最优化建议