如果有用户登录失败,导致用户被锁,可以通过触发器,记录登录IP到alert log中,但是目前发现这个触发器还不能记录用户登录了哪个用户,但是如果账号被锁,可以结合时间和alert log的记录检查。
CREATE OR REPLACE TRIGGER log_errors AFTER SERVERERROR ON DATABASE
Declare
username Varchar2(30);
ipaddress varchar2(16);
terminal varchar2(50) ;
os_user Varchar2(30);
BEGIN
select sys_context('userenv','session_user') Into username from dual;
select sys_context('USERENV','IP_ADDRESS') into ipaddress from dual;
select SYS_CONTEXT('USERENV','TERMINAL') into terminal from dual;
select sys_context('userenv','os_user') into os_user from dual;
IF (IS_SERVERERROR (1017)) THEN
BEGIN
sys.dbms_system.ksdwrt(2,to_char(sysdate)||':'||ipaddress||':'||username||':'||terminal||':'||os_user||':'||'attempted to logon,but password is error!');
END;
ELSIF (IS_SERVERERROR (28000)) THEN
BEGIN
sys.dbms_system.ksdwrt(2,to_char(sysdate)||':'||ipaddress||':'||username||':'||terminal||':'||os_user||':'||'logon failed,account is locked!');
END;
END IF;
END;
/
阅读(1955) | 评论(1) | 转发(0) |