At present, widely used DBMS in our country, which has generally exist some problems. Because of regul- atory failure, opaque internal operations, the lag of security measures, We can not guarantee that our database is secure. Although DBMS has provided audit services that also have many problems, such as most DBMS has different audit log format and difficult to maintain, low capability when audit server used long-term. So this paper presents a database audit method based on network monitoring technology. We can use it to collect database operations command by analyzing the monitoring data.It works without changing the existing network structure and effecting network performance, and it can effectively record external invasion or internal irregularities to provide evidence to legal responsibility. This appro- ach overcomes the shortcomings of traditional audit techniques.