privilegeanalysis
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| privilegeanalysis [2015/07/22 11:17] – created z0hpvk | privilegeanalysis [2025/03/08 22:24] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ===== Privilege Analysis ===== | ===== Privilege Analysis ===== | ||
| + | It is possible to use privilege analysis without having Database Vault configured.\\ | ||
| + | ==== Define Policy ==== | ||
| + | Below shows an example of a Role and Context Policy | ||
| + | < | ||
| + | DBMS_PRIVILEGE_CAPTURE.CREATE_CAPTURE ( | ||
| + | name => ' | ||
| + | type => DBMS_PRIVILEGE_CAPTURE.g_role_and_context, | ||
| + | roles => role_name_list(' | ||
| + | condition => ' | ||
| + | END;</ | ||
| + | |||
| + | Other types available are ... | ||
| + | * g_database | ||
| + | * g_role | ||
| + | * g_context | ||
| + | |||
| + | Use the view DBA_PRIV_CAPTURES to view details on existing privilege capture policies.\\ | ||
| + | |||
| + | ==== Enable Policy ==== | ||
| + | < | ||
| + | DBMS_PRIVILEGE_CAPTURE.enable_capture(' | ||
| + | END;</ | ||
| + | |||
| + | ==== Disable Policy ==== | ||
| + | After a few days have passed you must disable the capture before you can see the results | ||
| + | < | ||
| + | DBMS_PRIVILEGE_CAPTURE.disable_capture(' | ||
| + | END;</ | ||
| + | |||
| + | ==== Generate Results ==== | ||
| + | < | ||
| + | DBMS_PRIVILEGE_CAPTURE.generate_result(' | ||
| + | END;</ | ||
| + | The following views can now be used to see the results ... | ||
| + | * DBA_USED_SYSPRIVS | ||
| + | * DBA_USED_SYSPRIVS_PATH | ||
| + | * DBA_USED_OBJPRIVS | ||
| + | * DBA_USED_OBJPRIVS_PATH | ||
privilegeanalysis.1437563829.txt.gz · Last modified: 2025/03/08 22:23 (external edit)