Friday, May 8, 2009

SYSDBA Audit

Parameter:

audit_sys_operations = TRUE

Script 1 :

#!/usr/bin/ksh
#
# Description:
# SYSDBA Audit report daily
#
#

ORACLE_HOME=/u01/oracle/product/10.1.0
export ORACLE_HOME
ORACLE_SID=oradb
export ORACLE_SID

d=`date +\%Y\%m\%d`
yesterday=$((d-1))

mkdir /var/log/DbSYSAudit/$yesterday

auditdir=/var/log/DbSYSAudit
auditdir1=$auditdir/$yesterday
auditdir2=$ORACLE_HOME/rdbms/audit

#### copy

ls -lrt $auditdir2awk '{print $9}' > $auditdir/cplist.txt

for name1 in `cat $auditdir/cplist.txt`
do
cp $auditdir2/$name1 $auditdir1
done

#### count

cnt=`ls -lrt $auditdir1 wc -l`

echo "**************************" > $auditdir/AuditLogC.txt
echo "Report Date : " $yesterday >> $auditdir/AuditLogC.txt
echo "Server/DB : " `hostname`/$ORACLE_SID >> $auditdir/AuditLogC.txt
echo " " >> $auditdir/AuditLogC.txt
echo "SYS Audit Log Count : " $cnt >> $auditdir/AuditLogC.txt
echo "**************************" >> $auditdir/AuditLogC.txt

#### report

echo "$yesterday SYSDBA Audit Report:" > $auditdir/SYSAuditLog.$yesterday.log

for name2 in `cat $auditdir/cplist.txt`
do
echo "-----------------------------------------" >> $auditdir/SYSAuditLog.$yesterday.log
echo $name2 >> $auditdir/SYSAuditLog.$yesterday.log
echo " " >> $auditdir/SYSAuditLog.$yesterday.log
cat $auditdir2/$name2 >> $auditdir/SYSAuditLog.$yesterday.log
echo " " >> $auditdir/SYSAuditLog.$yesterday.log
echo " " >> $auditdir/SYSAuditLog.$yesterday.log
done

#### Email

MAILS='annaxu@jp.com.sg'
#MAILS='annaxu@jps.com.sg itmonitor@jps.com.sg'

(cat $auditdir/AuditLogC.txt; /usr/bin/uuencode $auditdir/SYSAuditLog.$yesterday.log SYSAuditLog.$yesterday.log) mailx -r OracleDB@jps.com.sg -s "SYS Audit Daily Report" $MAILS

### HouseKeep

rm $auditdir/AuditLogC.txt

rm $auditdir/cplist.txt

rm -rf $auditdir2/*
Posted by at No comments:
Subscribe to: Posts (Atom)