日誌挖掘：logminer 作用： 通過對日誌的分析，能夠獲得使用者的dml操作語句，用來修復使用者資料的丟失或者是錯誤； 能夠通過日誌挖掘，獲得使用者操作的反向操作(undo_sql)或者正向操作(redo_sql); 實現條件： 執行日誌挖掘需要開啟輔助日誌功能（SUPPLEMENTAL_LOG_DATA_MIN） [email protected]> select supplemental_log_data_min from v$database; --檢視輔助日誌開啟的狀態

SUPPLEME
--------------
YES

[email protected]

>alter database add supplemental log data; --開啟附加日誌 啟動最小補充日誌的主要目的是為了使logminer具備識別由update命令導致的行遷移、行移動的能力。 *************設定場景 樣例演示： 1.建立一個表 [email protected]> drop table e_logminer purge; [email protected]> create table e_logminer as select * from emp;

2.對這個表進行更新，使用了錯誤的更新條件 [email protected]

> update e_logminer set sal=12345; [email protected]> commit;

3.切換日誌，模擬這個操作過了很久這樣的狀態 [email protected]> conn / as sysdba

[email protected]> archive log list;
Database log mode                    Archive Mode
Automatic archival                      Enabled
Archive destination                     /u01/app/oracle/arch2
Oldest online log sequence          8
Next log sequence to archive      10
Current log sequence                  10

 
[email protected]> alter system switch logfile;
……切換n次

**********場景設定完畢 開始進行日誌挖掘： 1.根據大致的使用者錯誤時間，找到所需要的所有的日誌（歸檔日誌和線上重做日誌） –判斷大概資料還是正確的時間為2015-04-24 13：00：00 [email protected]>select name from v$archived_log where first_time &gt;= (select max(first_time) from v$archived_log where first_time <= to_date(‘2015-04-24 13:00:00’,‘yyyy-mm-dd hh24:mi:ss’)) union all select member from vKaTeX parse error: Expected 'EOF', got '#' at position 20: …ile where group#̲= (selec…log where archived=‘NO’) order by name;

NAME

/u01/app/oracle/arch3/1_41_857390041.dbf /u01/app/oracle/arch3/1_42_857390041.dbf /u01/app/oracle/arch3/1_43_857390041.dbf /u01/app/oracle/arch3/1_44_857390041.dbf /u01/app/oracle/arch3/1_45_857390041.dbf /u01/app/oracle/oradata/orcl11g/redo01.log

9 rows selected.

2.深入修改上一個sql語句，構建挖掘佇列所需的指令碼 [[email protected] ~]$ cat log.sql select q’[exec dbms_logmnr.add_logfile(’]’ || name || q’[’,dbms_logmnr.addfile);]’ from v$archived_log where first_time &gt;= (select max(first_time) from v$archived_log where first_time <= to_date(‘2015-04-24 13:00:00’,‘yyyy-mm-dd hh24:mi:ss’)) union all select q’[exec dbms_logmnr.add_logfile(’]’ ||member ||q’[’,dbms_logmnr.addfile);]’ from vKaTeX parse error: Expected 'EOF', got '#' at position 20: …ile where group#̲= (select gr…log where archived=‘NO’) order by 1 /

[email protected]> set trim on [email protected]> set trims on [email protected]> set term off [email protected]> set heading off [email protected]> set feedback off [email protected]> set echo off [email protected]> set linesize 200 [email protected]> set pagesize 0 [email protected]> spool /home/oracle/logmnr.sql [email protected]> @log.sql [email protected]> spool off [email protected]> quit

--修改logmnr.sql
[[email protected] ~]$ cat logmnr.sql 

exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_10_819218658.dbf’,dbms_logmnr.new); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_11_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_12_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_13_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_14_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_15_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_16_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/arch2/1_17_819218658.dbf’,dbms_logmnr.addfile); exec dbms_logmnr.add_logfile(’/u01/app/oracle/oradata/orcl11g/redo03.log’,dbms_logmnr.addfile); –新增日誌檔案到新的或已經存在的日誌列表中供日誌挖掘器處理

3.執行挖掘佇列指令碼 [email protected]> @logmnr.sql --不要退出這個會話 –為logminer挖掘會話手動註冊可挖掘的重做日誌

4.開始挖掘 SY[email protected]> exec dbms_logmnr.start_logmnr(options=>dbms_logmnr.dict_from_online_catalog); –通過載入資料字典開始挖掘，這些字典是用於挖掘器將重做記錄中的oracle內部物件翻譯成可讀的資訊的轉換字典

5.獲取挖掘結果 [email protected]> set trim on [email protected]> set trims on [email protected]> set term off [email protected]> set heading off [email protected]> set feedback off [email protected]> set echo off [email protected]> set linesize 500 [email protected]> set pagesize 0 [email protected]> spool /home/oracle/undo_logmnr.sql [email protected]> select sql_undo from v$logmnr_contents where table_name=‘E_LOGMINER’ and lower(sql_redo) like ‘update%12345%’;

[email protected]> spool off [email protected]> quit

6.修改undo指令碼 [[email protected] ~]$ cat undo_logmnr.sql update “SCOTT”.“E_LOGMINER” set “SAL” = ‘800’ where “EMPNO” = ‘7369’ and “ENAME” = ‘SMITH’ and “JOB” = ‘CLERK’ and “MGR” = ‘7902’ and “HIREDATE” = TO_DATE(‘1980-12-17 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘20’ and ROWID = ‘AAATQQAAEAAAAIjAAA’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘1600’ where “EMPNO” = ‘7499’ and “ENAME” = ‘ALLEN’ and “JOB” = ‘SALESMAN’ and “MGR” = ‘7698’ and “HIREDATE” = TO_DATE(‘1981-02-20 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” = ‘300’ and “DEPTNO” = ‘30’ and ROWID = ‘AAATQQAAEAAAAIjAAB’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘1250’ where “EMPNO” = ‘7521’ and “ENAME” = ‘WARD’ and “JOB” = ‘SALESMAN’ and “MGR” = ‘7698’ and “HIREDATE” = TO_DATE(‘1981-02-22 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” = ‘500’ and “DEPTNO” = ‘30’ and ROWID = ‘AAATQQAAEAAAAIjAAC’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘2975’ where “EMPNO” = ‘7566’ and “ENAME” = ‘JONES’ and “JOB” = ‘MANAGER’ and “MGR” = ‘7839’ and “HIREDATE” = TO_DATE(‘1981-04-02 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘20’ and ROWID = ‘AAATQQAAEAAAAIjAAD’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘1250’ where “EMPNO” = ‘7654’ and “ENAME” = ‘MARTIN’ and “JOB” = ‘SALESMAN’ and “MGR” = ‘7698’ and “HIREDATE” = TO_DATE(‘1981-09-28 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” = ‘1400’ and “DEPTNO” = ‘30’ and ROWID = ‘AAATQQAAEAAAAIjAAE’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘2850’ where “EMPNO” = ‘7698’ and “ENAME” = ‘BLAKE’ and “JOB” = ‘MANAGER’ and “MGR” = ‘7839’ and “HIREDATE” = TO_DATE(‘1981-05-01 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘30’ and ROWID = ‘AAATQQAAEAAAAIjAAF’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘2450’ where “EMPNO” = ‘7782’ and “ENAME” = ‘CLARK’ and “JOB” = ‘MANAGER’ and “MGR” = ‘7839’ and “HIREDATE” = TO_DATE(‘1981-06-09 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘10’ and ROWID = ‘AAATQQAAEAAAAIjAAG’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘3000’ where “EMPNO” = ‘7788’ and “ENAME” = ‘SCOTT’ and “JOB” = ‘ANALYST’ and “MGR” = ‘7566’ and “HIREDATE” = TO_DATE(‘1987-04-19 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘20’ and ROWID = ‘AAATQQAAEAAAAIjAAH’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘5000’ where “EMPNO” = ‘7839’ and “ENAME” = ‘KING’ and “JOB” = ‘PRESIDENT’ and “MGR” IS NULL and “HIREDATE” = TO_DATE(‘1981-11-17 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘10’ and ROWID = ‘AAATQQAAEAAAAIjAAI’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘1500’ where “EMPNO” = ‘7844’ and “ENAME” = ‘TURNER’ and “JOB” = ‘SALESMAN’ and “MGR” = ‘7698’ and “HIREDATE” = TO_DATE(‘1981-09-08 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” = ‘0’ and “DEPTNO” = ‘30’ and ROWID = ‘AAATQQAAEAAAAIjAAJ’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘1100’ where “EMPNO” = ‘7876’ and “ENAME” = ‘ADAMS’ and “JOB” = ‘CLERK’ and “MGR” = ‘7788’ and “HIREDATE” = TO_DATE(‘1987-05-23 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘20’ and ROWID = ‘AAATQQAAEAAAAIjAAK’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘950’ where “EMPNO” = ‘7900’ and “ENAME” = ‘JAMES’ and “JOB” = ‘CLERK’ and “MGR” = ‘7698’ and “HIREDATE” = TO_DATE(‘1981-12-03 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘30’ and ROWID = ‘AAATQQAAEAAAAIjAAL’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘3000’ where “EMPNO” = ‘7902’ and “ENAME” = ‘FORD’ and “JOB” = ‘ANALYST’ and “MGR” = ‘7566’ and “HIREDATE” = TO_DATE(‘1981-12-03 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘20’ and ROWID = ‘AAATQQAAEAAAAIjAAM’; update “SCOTT”.“E_LOGMINER” set “SAL” = ‘1300’ where “EMPNO” = ‘7934’ and “ENAME” = ‘MILLER’ and “JOB” = ‘CLERK’ and “MGR” = ‘7782’ and “HIREDATE” = TO_DATE(‘1982-01-23 00:00:00’, ‘yyyy-mm-dd hh24:mi:ss’) and “SAL” = ‘12345’ and “COMM” IS NULL and “DEPTNO” = ‘10’ and ROWID = ‘AAATQQAAEAAAAIjAAN’;

7.執行undo指令碼 [[email protected] ~]$ sqlplus scott/tiger @undo_logmnr.sql

8.結束挖掘 [email protected]> exec dbms_logmnr.end_logmnr;