Skip Headers
Oracle® Audit Vault Administrator's Guide
Release 10.3

E23571-08
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

7 Audit Vault Configuration Assistant (AVCA) Reference

Audit Vault Configuration Assistant (AVCA) is a command-line utility you use to manage various Audit Vault components (for example, adding or dropping collection agents). When you run these commands, remember the following:

Table 7-1 describes the Audit Vault Configuration Assistant commands and where each is used, whether on the Audit Vault Server, on the Audit Vault collection agent, or in both places.

Table 7-1 Audit Vault Configuration Assistant Commands

Command Used Where? Description

add_agent

Server

Adds a collection agent to Oracle Audit Vault

alter_remedy

Server

Reconfigures the Remedy ticket service to use the settings in the deployment descriptor properties file

alter_smtp

Server

Reconfigures the ticket notification service to use different SMTP server settings

create_credential

Both

Creates or updates a credential to be stored in the wallet

create_wallet

Collection agent

Creates a wallet to hold credentials

deploy_av

Server

Deploys the av.ear file to another node in an Oracle RAC environment

disable_remedy

Server

Disables the Remedy ticket service

disable_smtp

Server

Disables the SMTP configuration

drop_agent

Server

Drops a collection agent from Oracle Audit Vault

enable_remedy

Server

Enables the Remedy ticket service

enable_smtp

Server

Enables an existing SMTP configuration for the email notification service

generate_csr

Server

Generates a certificate request

-help

Both

Displays help information for the AVCA commands

import_cert

Server

Imports the specified certificate into the wallet

redeploy

Both

Redeploys the av.ear file on the Audit Vault Server system or the AVAgent.ear file on the Audit Vault collection agent system

register_remedy

Server

Registers the Remedy ticket service with Oracle Audit Vault

register_smtp

Server

Registers or removes the Oracle Audit Vault email notification service to use an SMTP server

remove_cert

Server

Removes the specified certificate from the wallet

secure_remedy

Server

Enables the Remedy ticket service to use a secure configuration

secure_smtp

Server

Enables the email notification service to work with a secure SMTP server by specifying the type of connection protocol used to communicate to the SMTP server

set_server_tz

Server

Sets the time zone based on the UTC (GMC) time zone for use in generated reports

set_warehouse_retention

Server

Controls the amount of data kept online in the data warehouse fact table

show_remedy_config

Server

Shows the configuration details of the Remedy ticket service

show_server_tz

Server

Shows the configuration details for the avca set_server_tz command

show_smtp_config

Server

Displays the current SMTP configuration details used by the email notification service

test_remedy

Server

Tests the connection of the Remedy ticket service

test_smtp

Server

Tests the connection of the ticket notification services with the SMTP server


Note:

In an Oracle RAC environment, you must run AVCA commands from the node on which Oracle Enterprise Manager resides. This is the same node on which the av.ear file is deployed.

If the node on which the av.ear file is deployed is down, deploy the av.ear file to another node using the avca deploy_av command.

7.1 add_agent

The avca add_agent command adds or registers a collection agent to Oracle Audit Vault. The collection agent is installed on the server that contains the source databases that you plan to audit.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca add_agent -agentname agent_name [-agentdesc desc] -agenthost host

Arguments

Argument Description
-agentname agent_name Enter a unique name for the collection agent that you want to create.
-agentdesc desc Enter a description of the collection agent. Optional.
-agenthost host Enter the name of an agent host name where this collection agent is to be installed.

Usage Notes

  • The type of collector that you plan to use determines where you must create the agent. See Oracle Audit Vault Collection Agent Installation Guide for more information about deploying the collection agents.

  • To find the names and source database locations of existing agents, log in to Audit Vault Console, click the Configuration tab, and then click Agent to display the Agent page. This page lists the agent, host (source database), port, and user.

  • You will be prompted to create an agent user name and password. Oracle Audit Vault grants this user the AV_AGENT role and uses this account to start and stop the collectors. It is for internal use only. See the example that follows these usage notes.

  • You may want to create one agent user for each agent, in the event that an agent user account is removed in the future. Alternatively, you can create one agent user for all the agents.

  • After you create an agent, it is not running. You can start the agent by using the following commands: avctl start_agent command, described in Section 8.9.

Example

avca add_agent -agentname agent3 -agenthost turbokuksa.us.example.com 

Adding agent...
Enter agent user name: agent_user_name
Enter agent user password: agent_user_pwd
Re-enter agent user password: agent_user_pwd
Agent added successfully.

7.2 alter_remedy

The avca alter_remedy command reconfigures the Remedy trouble ticket service connection to Oracle Audit Vault. The settings are based on the settings in the deployment descriptor properties file, described in Section 3.7.2. In other words, if you want to modify the Remedy trouble ticket service connection to Audit Vault, modify the deployment descriptor properties file and then run this command in the Audit Vault Server. Run this command after each time you modify or move the deployment descriptor properties file. For the full procedure, see Section 3.7.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca alter_remedy -conf deploymentDescriptor.properties 

Arguments

Argument Description
-conf deploymentDescriptor.properties Enter the path to the deployment descriptor properties file. By default, this file is located in the $ORACLE_HOME/av/conf directory.

Usage Notes

  • Right after you complete the Remedy trouble ticket service configuration, it is enabled and ready to use.

  • If the Remedy trouble ticket service is on a secure server, then run the avca secure_remedy command (Section 7.19) after you run avca register_remedy.

  • To test the configuration, run the avca test_remedy command (Section 7.26).

Example

avca alter_remedy -conf $ORACLE_HOME/av/conf/remedy.properties

Remedy configuration altered successfully. 

7.3 alter_smtp

The avca alter_smtp command reconfigures the Oracle Audit Vault email notification service.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca alter_smtp -server IP:port|host:port -sender_id string -sender_email email -auth|-noauth

Arguments

Argument Description
-server IP:port|host:port Enter the server connection information, either using the IP address or the server name, and the outgoing server port number.
-sender_id string Enter the user ID of the person responsible for sending the email (that is, the email address that appears after From).
-sender_email email Enter the email address of the person whose ID you entered for the -sender_email argument, in Request For Comments (RFC) 822 format.
-auth|-noauth Enter one of the following settings:
  • -auth: Enables authentication for the recipient user. After you enter the avca alter_smtp command, you are prompted for this user's user name and password. See the example in this section.

  • -noauth: Oracle Audit Vault assumes that the SMTP server needs no authentication. In that case, the command does not prompt for the user name and password interactively. It also ignores any settings for the AVCA_SMTPUSR variable.


Usage Notes

  • After you complete the SMTP server connection, it is enabled and ready to use.

  • If the SMTP server is a secure server, then run the avca secure_smtp command (Section 7.20) after you run avca register_smtp.

  • The AVCA_SMTPUSR variable is an alternative way that you can use to set the username and password without having the command interactively prompt for the username and password. You can use this variable for scripts that run AVCA and do not want manual intervention. Ensure that you set this variable on the Audit Vault Server. For example:

    setenv AVCA_SMTPUSR user/password
    
  • To test the configuration, run the avca test_smtp command (Section 7.27).

Example

avca register_smtp kuksanest:3924 -sender rmcmurphy -sender_email rmcmurphy@example.com -auth

Enter SMTP server username: dharding
Enter SMTP server password: password
 Re-enter SMTP server: password
 Credential stored successfully.
SMTP configuration altered successfully.

7.4 create_credential

The avca create_credential command creates or updates a credential to be stored in an Oracle wallet. Run this command on either the Audit Vault Server or Audit Vault collection agent during collector development.

Where to Run This Command

Either Audit Vault Server or collection agent:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2 for Audit Vault Server or Section 2.2.3 for the collection agent.

  • Microsoft Windows: Go to the Audit Vault Server or collection agent ORACLE_HOME\bin directory.

Syntax

avca create_credential -wrl wallet_location -dbalias db_alias 

Arguments

Argument Description
-wrl wallet_location Enter the location of the Oracle Audit Vault wallet. Locations are as follows:
  • UNIX and Linux-based systems: $ORACLE_HOME/network/admin/avwallet

  • Microsoft Windows systems: ORACLE_HOME\network\ADMIN\avwallet

-dbalias db_alias Enter the database alias. You can find the alias in the tnsnames.ora file, located in the $ORACLE_HOME/network/admin directory.

If you are running this command for the AV_ADMIN or AV_AGENT users, in most cases this alias is av.

If you are running this command for the source user account, then you must specify the dbalias parameter using the following convention:

SRCDBn

For source databases, the name is usually in the form of SRCDB, with n being a numerical value (for example, SRCDB23).


Usage Notes

  • Use this command when the AV_ADMIN or AV_AGENT user name or password has been changed. The avca create_credential command updates the wallet with the new user name and password, in encrypted format, and then associates the wallet with the specified database alias.

  • If you installed the collection agent on a Microsoft Windows computer and want to run the avca create_credential command from there, run it from the ORACLE_HOME\bin directory. For UNIX or Linux installations, set the appropriate environment variables before running this command. See Section 2.2 for more information.

Example

avca create_credential -wrl $ORACLE_HOME/network/admin/avwallet -dbalias av

AVCA started
Storing user credentials in wallet... 
Enter source user username: srcuser1
Enter source user password: password
Re-enter source user password: password
Credential stored successfully.

7.5 create_wallet

The avca create_wallet command creates a wallet to hold credentials.

Where to Run This Command

Audit Vault collection agent:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.3.

  • Microsoft Windows: Go to the Audit Vault collection agent ORACLE_HOME\bin directory.

Syntax

avca create_wallet -wrl wallet_location

Arguments

Argument Description
-wrl wallet_location Enter the directory location for the wallet. Ensure that this directory already exists. Locations are as follows:
  • Linux and UNIX-based systems: $ORACLE_HOME/network/admin/avwallet

  • Microsoft Windows systems: ORACLE_HOME\network\ADMIN\avwallet


Usage Notes

  • If you installed the collection agent on a Microsoft Windows computer, run the avca create_wallet command from the ORACLE_HOME\bin directory. For UNIX or Linux installations, set the appropriate environment variables before running this command. See Section 2.2 for more information.

  • After you execute this command, then the .sso and .p12 files are generated in the wallet location.

Example

The following example shows how to create a wallet in the location specified as $T_WORK/tt_1:

avca create_wallet -wrl $T_WORK/tt_1 
Enter wallet password: password
Wallet created successfully.

7.6 deploy_av

The avca deploy_av command deploys the av.ear file to another node in an Oracle Real Application Clusters (Oracle RAC) environment. This command also modifies the server.xml file and other related files to enable Oracle Audit Vault management through the Oracle Enterprise Manager Database Control console.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca deploy_av -sid sid -dbalias db_alias -avconsoleport av_console_port

Arguments

Argument Description
-sid sid Enter the Oracle Database system identifier (SID) for the instance. You can verify the SID by running the lsnrctl status command on the computer where you installed the source database.

Enter the Oracle Database system identifier (SID) for the Audit Vault Server instance. You can verify the SID by running the lsnrctl status listener_AV_SID command on the computer where you installed the Audit Vault Server. If you installed the Audit Vault Server in an Oracle RAC configuration, then use the svrctl status listener_AV_SID command.

-dbalias db_alias Enter the database alias for Oracle Audit Vault. The database alias is the value that you provided in the Audit Vault Name field during installation.
-avconsoleport av_console_port Enter the port number for the Audit Vault Console. You can find this number by entering the following command in the Audit Vault Server shell or command prompt:
avctl show_av_status

Usage Notes

In an Oracle RAC environment, you must run the AVCA commands from the node on which Oracle Enterprise Manager resides. This is the same node on which the av.ear file is deployed.

If the host on which Oracle Enterprise Manager resides becomes unavailable, you can migrate the Audit Vault Web application file, av.ear, to a different node by using the avca deploy_av command. After you migrate the Web application, you must recreate the wallet entries for all the source databases managed by Oracle Audit Vault on this new node by using the avca create_credential command.

To use the Audit Vault Console from this other node, enter its host name or IP address (host) and port number (port) as you did previously in the Address field of the browser window (http://host:port/av), but replace the original host name or IP address with that for the other node.

Example

avca deploy_av -sid av -dbalias av -avconsoleport 5700

7.7 disable_remedy

The avca disable_remedy command disables the Remedy trouble ticket service configuration.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca disable_remedy

Arguments

None.

Usage Notes

  • After you disable the configuration, Oracle Audit Vault preserves the most recent configuration. So, when you re-enable the configuration, this configuration is made active again.

  • To find details about the current Remedy service configuration, issue the avca show_remedy_config command, described in Section 7.23.

Example

avca disable_remedy

Remedy integration is disabled.

7.8 disable_smtp

The avca disable_smtp command disables the SMTP configuration for the email notification service.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca disable_smtp

Arguments

None.

Usage Notes

  • After you disable the configuration, Oracle Audit Vault preserves the most recent configuration. So, when you re-enable the configuration, this configuration is made active again.

  • To find details about the current SMTP configuration, issue the avca show_smtp_config command, described in Section 7.25.

Example

avca disable_smtp

SMTP integration is disabled. 

7.9 drop_agent

The avca drop_agent disables (but does not remove) a collection agent from Oracle Audit Vault.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca drop_agent -agentname agent_name 

Arguments

Argument Description
-agentname agent_name Enter the name of the collection agent to be dropped from Oracle Audit Vault.

Usage Notes

  • The drop_agent command does not delete the collection agent from Oracle Audit Vault. It only disables the collection agent. The collection agent metadata is still in the database after you run the drop_agent command. If you want to re-create the collection agent, create it with a different name.

  • Oracle Audit Vault displays an error if active collectors are still running in the collection agent.

Example

The following example shows how to drop a collection agent named sales_agt from Oracle Audit Vault:

avca drop_agent -agentname uberkuksa

Agent dropped successfully.

7.10 enable_remedy

The avca enable_remedy enables the Remedy trouble ticket service configuration that was registered with the avca register_remedy or avca alter_remedy command.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca enable_remedy

Arguments

None.

Usage Notes

  • When you enable the Remedy registration, Oracle Audit Vault uses the configuration that was in place when you last disabled the Remedy trouble ticket service.

  • To find details about the most recent Remedy service configuration, issue the avca show_remedy_config command, described in Section 7.23.

Example

avca enable_remedy

Remedy integration is enabled. 

7.11 enable_smtp

The avca enable_smtp command enables the SMTP configuration for the email notification service that was created with the avca register_smtp command.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca enable_smtp

Arguments

None.

Usage Notes

  • When you enable the configuration, Oracle Audit Vault uses the configuration that was in place when you last disabled the SMTP configuration.

  • To find details about the most recent service configuration, issue the avca show_smtp_config command, described in Section 7.25.

Example

avca enable_smtp

SMTP integration is enabled.

7.12 generate_csr

The avca generate_csr command generates a certificate request in the format of a text file.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca generate_csr -certdn Audit_Vault_Server_host_DN [-keysize size]
             -out certificate_request_output_file

Arguments

Argument Description
-certdn Audit_Vault_Server_host_DN Enter the distinguished name (DN) of the Audit Vault Server host
keysize size Enter the certificate key size (in bits). Optional. Possible values are:
  • 512

  • 1024 (default)

  • 2048

-out certificate_request_output_file Enter the path and name of the certificate request output file. Ensure that you have write permissions for this directory.

Usage Notes

  • You must use this command to generate a certificate request. After generating the certificate request, send it to your certificate authority (CA) and get it signed and then returned as a signed certificate.

    The DN of the Audit Vault Server is typically of the following form:

    CN=fully_qualified_hostname,OU=Org_Unit,O=Organization,ST=State,C=Country
    
  • On Microsoft Windows, enclose the DN in double quotation marks and a backslash (\) character. For example:

    avca generate_csr -certdn \"CN=kuksagruvin,OU=DBSEC,O=RisingDoughCo,ST=CA,C=US\" -out user_c:\oracle\product\10.3.0\avserver\certs\certificate.txt
    
  • For detailed information about generating certificate requests for Oracle Audit Vault, see Section 5.6.

Example

The following example shows how to generate a certificate request for UNIX platforms:

avca generate_csr -certdn CN=kuksagruvin,OU=DBSEC,O=RisingDoughCo,ST=CA,C=US -out user_certificate.cer

Generating Certificate request... 
Certificate request generated successfully

7.13 -help

The avca -help command displays help information for the AVCA commands.

Where to Run This Command

Either Audit Vault Server and collection agent:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2 for Audit Vault Server or Section 2.2.3 for the collection agent.

  • Microsoft Windows: Go to the Audit Vault Server or collection agent ORACLE_HOME\bin directory.

Syntax

avca -help

avca command -help

Arguments

Argument Description
command Enter the name of an AVCA command for which you want help messages to appear

Usage Notes

If you installed the collection agent on a Microsoft Windows computer and want to run the avca help command from there, run it from the ORACLE_HOME\bin directory. For UNIX or Linux installations, ensure that you have set the appropriate environment variables before running this command. See Section 2.2 for more information.

Example

The following example shows how to display general AVCA utility help in the Audit Vault Server home.

avca -help

-------------------------------------------- 
AVCA Usage
-------------------------------------------- 
Oracle Audit Vault Configuration commands - AV Server:
    avca deploy_av -sid <sid> -dbalias <db alias> -avconsoleport <av console port>
    avca generate_csr -certdn <Audit Vault Server host DN> [-keysize 512|1024|2048] -out <certificate request output file> 
    avca import_cert -cert <User/Trusted certificate> [-trusted] 
    avca remove_cert -certdn <Audit Vault Server host DN> 
    avca set_server_tz -offset <[+/-]hh:mm> 
    avca show_server_tz 
  
Oracle Audit Vault Configuration commands - Agent:
    avca add_agent -agentname <agent name> [-agentdesc <desc>] -agenthost <host>
    avca drop_agent -agentname <agent name> 
  
Oracle Audit Vault Configuration commands - Warehouse:
    avca set_warehouse_retention -intrv <year-month interval> 
  
Oracle Audit Vault Configuration commands - SMTP:
    avca register_smtp -server <host:port> -sender_id <sender id> -sender_email <sender email> -auth|-noauth 
    avca register_smtp -remove 
    avca alter_smtp [-server <host:port>] [-sender_id <sender id>] [-sender_email <sender email>] [-auth|-noauth] 
    avca secure_smtp -protocol ssl|tls [-truststore <truststore location>] 
    avca secure_smtp -remove 
    avca show_smtp_config 
    avca enable_smtp 
    avca disable_smtp 
    avca test_smtp -to <recipient email>
  
Oracle Audit Vault Configuration commands - Remedy:
    avca register_remedy -config <remedy config file> 
    avca register_remedy -remove 
    avca alter_remedy -config <remedy config file> [-auth] 
    avca secure_remedy [-truststore <truststore location>] 
    avca secure_remedy -remove 
    avca show_remedy_config 
    avca enable_remedy 
    avca disable_remedy 
    avca test_remedy -ticket_id <remedy ticket id>
  
Oracle Audit Vault Configuration commands - Authentication:
    avca create_wallet -wrl <wallet_location> 
    avca create_credential -wrl <wallet_location> -wpwd <wallet_pwd> -dbalias <db alias> -usr <usr>/<pwd> 
 
avca -help

From the Audit Vault collection agent home, the avca -help output is as follows:

avca -help
 
  -------------------------------------------- 
  AVCA Usage
  -------------------------------------------- 
  Oracle Audit Vault Configuration commands - Authentication:
      avca create_wallet -wrl <wallet_location> 
      avca create_credential -wrl <wallet_location> -wpwd <wallet_pwd> -dbalias <db alias> -usr <usr>/<pwd> 
  
  avca -help

The following example shows how to display specific AVCA help for the add_agent command in Audit Vault.

avca add_agent -help

  avca add_agent -agentname <agent name> [-agentdesc <desc>] -agenthost <host>
  ------------------------------------------------
  -agentname <agent name>
  [-agentdesc <agent description>]
  -agenthost <agent host>
  ------------------------------------------------

7.14 import_cert

The avca import_cert command imports the specified user or trusted certificate into the wallet.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca import_cert -cert User/Trusted_certificate [-trusted]

Arguments

Argument Description
-cert User/Trusted_certificate Enter the path and file name of the certificate to be imported into the wallet. See the usage notes.
-trusted Include this argument if you want to indicate that the certificate is trusted. If it is a user certificate, then omit the trusted argument. Optional.

Usage Notes

  • To obtain the certificate, contact the certificate authority. Place the certificate in a directory that you can easily access, for the -cert argument. Ensure that the certificate matches a pending certificate request in the wallet. You must import the trusted certificate for this certificate first.

  • For detailed information about configuring wallets when setting up the HTTPS protocol for Oracle Audit Vault, see Section 5.6.

Example

The following example shows how to import a certificate into the wallet.

avca import_cert -cert user_certificate.cer

Importing Certificate...
Certificate imported successfully.

This example shows how to import a trusted certificate into the wallet.

avca import_cert -cert ca_certificate.cer -trusted

Importing Certificate...
Certificate imported successfully.

7.15 redeploy

The avca redeploy command redeploys the av.ear file on the Audit Vault Server system or the AVAgent.ear file on the Audit Vault collection agent system.

Where to Run This Command

Either Audit Vault Server and collection agent:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2 for Audit Vault Server or Section 2.2.3 for the collection agent.

  • Microsoft Windows: Go to the Audit Vault Server or collection agent ORACLE_HOME\bin directory.

Syntax

avca redeploy

Arguments

None.

Usage Notes

If you installed the collection agent on a Microsoft Windows computer and want to run the avca redeploy command from there, run it from the ORACLE_HOME\bin directory. For UNIX or Linux installations, ensure that you have set the appropriate environment variables before running this command. See Section 2.2 for more information.

Example

The following example shows how to redeploy either the av.ear file on the Audit Vault Server system or the AVAgent.ear file on the Audit Vault collection agent system.

avca redeploy

Deploying AV web application...
Getting EM home = stapp03.us.oracle.com_sx4
Stopping OC4J...
OC4J stopped successfully.
Expanding av.ear
Looking for directory /oracle/work/sx4/oc4j/j2ee/oc4j_applications/applications/av
Deleting directory /oracle/work/sx4/oc4j/j2ee/oc4j_applications/applications/av
Creating directory /oracle/work/sx4/oc4j/j2ee/oc4j_applications/applications/av
Looking for directory /oracle/work/sx4/oc4j/j2ee/oc4j_applications/applications/av/av
Creating directory /oracle/work/sx4/oc4j/j2ee/oc4j_applications/applications/av/av
Deploying pre-compiled jsps
Starting OC4J...
OC4J started successfully. 

7.16 register_remedy

The avca register_remedy command registers or removes the BMC Remedy Action Request (AR) System Server 7.x trouble ticket service from Oracle Audit Vault. The registration is based on the settings in the deployment descriptor properties file, described in Section 3.7.2. For the full procedure, see Section 3.7. You can register only one Remedy trouble ticket with each Oracle Audit Vault installation.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca register_remedy -config deploymentDescriptor.properties 

avca register_remedy -remove

Arguments

Argument Description
-config deploymentDescriptor.properties Enter the path to the deployment descriptor properties file. By default, a template for this file is located in the $ORACLE_HOME/av/conf directory.
-remove Include this keyword to remove the Remedy trouble ticket service from Oracle Audit Vault.

Usage Notes

  • Right after you register the Remedy trouble ticket service configuration, it is enabled and ready to use.

  • If the Remedy trouble ticket service is on a secure server, then run the avca secure_remedy command (Section 7.19) after you run avca register_remedy.

  • To test the configuration, run the avca test_remedy command (Section 7.26).

Examples

The following example demonstrates how to register the Remedy trouble ticket service:

avca register_remedy -config $ORACLE_HOME/av/conf/remedy.properties

Enter Remedy server username: Remedy_server_username
Enter Remedy server password: password
Re-enter Remedy server password: password
Credential stored successfully.
Remedy server registered successfully. 

The command does not create any users; it just stores the user input in the Oracle wallet.

This example shows how to unregister the Remedy trouble ticket service:

avca register_remedy -remove

Remedy server unregistered successfully.

7.17 register_smtp

The avca register_smtp command registers or unregisters the Oracle Audit Vault email notification service to use an SMTP server. For the full procedure required to complete this type of registration, see Section 3.6.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca register_smtp -server IP:port|host:port -sender_id string -sender_email email -auth|-noauth

avca register_smtp -remove

Arguments

Argument Description
-server IP:port|host:port Enter the server connection information, either using the IP address or server name, and the outgoing server port number.
-sender string Enter the user ID of the person responsible for sending the email (that is, the email address that appears after From).
-sender_email email Enter the email address of the person whose ID you entered for the -sender argument, in Request For Comments (RFC) 822 format.
-auth|-noauth Enter one of the following settings:
  • -auth: Enables authentication for the recipient user. After you enter the avca alter_smtp command, you are prompted for this user's user name and password. See the example in this section.

  • -noauth: Oracle Audit Vault assumes that the SMTP server needs no authentication. In that case, the command does not prompt for the username and password interactively. It also ignores any settings for the AVCA_SMTPUSR variable.

-remove Include this keyword to remove the SMTP service from Oracle Audit Vault.

Usage Notes

  • Right after you create the SMTP server connection, it is enabled and ready to use.

  • If the SMTP server is a secure server, then run the avca secure_smtp command (Section 7.20) after you run avca register_smtp.

  • To test the configuration, run the avca test_smtp command (Section 7.27).

Example

avca register_smtp -server kuksanest:3924 -sender imanoyd -sender_email inoydt@example.com -auth

Enter SMTP server username: idaneau
Enter SMTP server password: password
Re-enter SMTP server: password
Credential stored successfully.
SMTP configuration registered successfully.

The following example removes the SMTP registration:

avca register_smtp -remove

SMTP server unregistered successfully.

7.18 remove_cert

The avca remove_cert command removes the specified certificate from the wallet.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca remove_cert -certdn Audit_Vault_Server_host_DN 

Arguments

Argument Description
-certdn Audit_Vault_Server_host_DN Enter the distinguished name (DN) of the Audit Vault Server host that was used for the avca generate_csr command.

Usage Notes

  • Oracle Audit Vault removes the certificate or key pair for the DN matching the given DN from the wallet. For example, you can use this command to remove a certificate that expires or is revoked by the CA, and replace it with a renewed certificate.

    You, the Oracle Audit Vault administrator, provide the DN of the Audit Vault Server is typically of the form:

    CN=hostname_fully_qualified,OU=Org_Unit,O=Organization,ST=State,C=Country
    
  • On Microsoft Windows, enclose the DN in double quotation marks and a backslash (\) character. For example:

    avca remove_cert -certdn -hrdb.example.com \"CN=kuksagruvin,OU=DBSEC,O=RisingDoughCo,ST=CA,C=US\" 
    

Example

The following example shows how to remove a certificate from the wallet.

avca remove_cert -certdn -hrdb.example.com CN=kuksagruvin,OU=DBSEC,O=RisingDoughCo,ST=CA,C=US

Removing Certificate...
Certificate removed successfully.

7.19 secure_remedy

The avca secure_remedy command enables or disables a secure configuration for the Remedy ticket service. Run this command if the BMC Remedy Action Request System Server is on a secure server.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca secure_remedy -truststore truststore

avca secure_remedy -remove

Arguments

Argument Description
-truststore truststore Enter the path to the truststore file used to validate the server certificates. Optional.
-remove Include this keyword to disable the Remedy ticket service from being a secure configuration.

Usage Notes

  • Run this command after you run either the avca register_remedy (Section 7.16) or avca alter_remedy (Section 7.2) command.

Example

avca secure_remedy -truststore ca_cert.ce

Setting Truststore to ca_cert.cer
Updated Remedy server configuration to not use secure protocol.

7.20 secure_smtp

The avca secure_smtp command enables the email notification service to work with a secure SMTP server by specifying the type of connection protocol used to communicate to the SMTP server. Only run this command if the SMTP server that you are configuring is a secure server.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca secure_smtp -protocol ssl_type -truststore truststore

avca secure_smtp -remove

Arguments

Argument Description
-protocol ssl_type Specify one of the following types of protocol:
  • SSL: Secure Sockets Layer (default)

  • TLS: Transport Layer Security

-truststore truststore Enter the path to the truststore file used to validate the server certificates. Optional.
-remove Include this keyword to disable the email notification service from being a secure configuration.

Usage Notes

Run this command after you run either the avca register_smtp (Section 7.17) or avca alter_smtp (Section 7.3) command.

Examples

The following example shows how to configure the truststore to use the TLS protocol:

avca secure_smtp -protocol tls -truststore $ORACLE_HOME/wallets/smtp_keystore 

Updated SMTP server configuration to use secure protocol. 

These example demonstrates how to disable the email configuration service:

avca secure_smtp -remove 

Updated SMTP server configuration to not use secure protocol.

7.21 set_server_tz

The avca set_server_tz command sets the time zone format for Oracle Audit Vault reports and alerts, using an offset of the UTC time zone. It takes effect the next time you generate a report or an alert. Use this command if the time stamps in the generated Audit Vault reports and alerts must be in a time zone other than UTC. (The Audit Vault Server itself always uses the UTC time zone.)

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca set_server_tz -offset offset_value  

Arguments

Argument Description
-offset offset_value Enter the offset value in the following format:
+/-HH:MM

Usage Notes

To find the current UTC time zone setting, run the avca show_server_tz command, described in Section 7.24.

Example

The following example shows how to set the offset value for U.S. Pacific Daylight Time (PDT):

avca set_server_tz -offset +07:00

Updated timezone offset successfully.

7.22 set_warehouse_retention

The avca set_warehouse_retention command controls the amount of data kept online in the data warehouse fact table.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca set_warehouse_retention -intrv year_month_interval  

Arguments

Argument Description
-intrv year_month_interval Enter the year-month interval in the following format:
+YY-MM

Usage Notes

  • The interval setting must be a positive value.

  • As the retention period shifts forward in time, Oracle Audit Vault removes the data that was loaded before the retention period. For example, if you set the retention period for 1 year, any data before that year is discarded.

  • See Section 3.4 for detailed information about creating a retention period.

Example

The following example shows how to control the amount of data kept online in the data warehouse table. In this case, a time interval of 1 year and 6 months is specified.

avca set_warehouse_retention -intrv +01-06 

AVCA started
Setting warehouse retention period...
done.

7.23 show_remedy_config

The avca show_remedy_config command displays the configuration for the Remedy trouble ticket service connection with Oracle Audit Vault.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca show_remedy_config

Arguments

None.

Usage Notes

To reconfigure the Remedy trouble ticket service connection, run the avca alter_remedy (Section 7.2) command.

Examples

In the following example, the Remedy trouble ticket service has not been registered:

avca show_remedy_config

Error executing command show_remedy_config
OAV-46856: no remedy server registered

In this example, the Remedy trouble ticket service has been successfully registered:

avca show_remedy_config

Remedy server configuration details: 
--------------------------------
Action Request host: kuksavoid.com
Mid-tier host: kuksavoid.com 
Mid-tier port: 3128 
Version: 7.5 
Helpdesk Form name: HPD:IncidentInterface 
Create Ticket URL: https://kuksavoid.com:3128/arsys/services/ARService?server=kuksavoid&webService=HPD_IncidentInterface_Create_WS 
Get Ticket URL: https://kuksavoid.example.com:3128/arsys/services/ARService?kuksavoid=shobeen&webService=HPD_IncidentInterface_WS 
Auth String: None 
Locale: en_US 
Locale: UTC 
Security protocol: None 
User name: Remedy_server_username 
Password: ***** 
State: Enabled  
--------------------------------

7.24 show_server_tz

The avca show_server_tz shows the configuration details for the avca set_server_tz command.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca show_server_tz

Arguments

None.

Usage Notes

To set the UTC time zone for reports and alerts, run the avca set_server_tz command, described in Section 7.21.

Example

avca show_server_tz

Server Timezone UTC07:00

7.25 show_smtp_config

The avca show_smtp_config command displays the current SMTP configuration details used by Oracle Audit Vault.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca show_smtp_config

Arguments

None.

Usage Notes

To reconfigure the SMTP service connection, run the avca alter_smtp (Section 7.3) command.

Example

avca show_smtp_config

SMTP server configuration details: 
--------------------------------
Host: kuksanest.example.com
Port: 465
Sender name: ida.neau@example.com "<ida.neau@example.com>"
Security protocol: SSL
Truststore: Default
Authentication required: No
State: Enabled 
--------------------------------

7.26 test_remedy

The avca test_remedy command tests the Remedy ticket service connection for the provided ticket ID. You can enter any Remedy ticket number, not just Oracle Audit Vault-related Remedy ticket numbers.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca test_remedy -ticket_id

Arguments

Argument Description
-ticket_id id Enter the ID of any Remedy ticket in your system.

Usage Notes

  • If the test fails, then check the configuration by running the avca show_remedy_config (Section 7.23) and avctl show_remedy_status (Section 8.7) commands.

  • You can recreate the configuration by running the avca alter_remedy command (Section 7.2).

Example

avca test_remedy -ticket_id INC000000000005

Querying Remedy Server for ticket ID "INC000000000005"... 
Assigned Group: Backoffice Support 
Assigned Support Company: Calbro Services 
Assigned Support Organization: IT Support 
Assignee: Allen Allbrook 
Summary: Test Ticket manually
Priority: Low 
Service Type: Infrastructure Event 
Status: Assigned 
Urgency: 4-Low 

7.27 test_smtp

The avca test_smtp command tests the Oracle Audit Vault email notification service.

Where to Run This Command

Audit Vault Server:

  • UNIX: Set the appropriate environment variables, as described in Section 2.2.2.

  • Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME\bin directory.

Syntax

avca test_smtp -to email 

Arguments

Argument Description
-to email Recipient to whom to send the test email notification.

Usage Notes

  • If the test fails, then check the configuration by running the avca show_smtp_config (Section 7.25) and avctl show_smtp_status (Section 8.8) commands.

  • You can recreate the configuration by running the avca alter_smtp command (Section 7.3).

Example

avca test_smtp -to ida.kuksa@example.com

Sending Test email to "ida.kuksa@example.com"... 
Test email sent successfully. Please check the recipients mailbox to see if the email has been delivered. 

In this example, user Ida Kuksa should receive an email similar to the following:

  • Subject header: Oracle Audit Vault: Test Message

  • Body text: This is a test message from Oracle Audit Vault

If the test fails, then an error message similar to the following appears:

Sending Test email to "ida.kuksa@example.com"... 
Error: SEND_EMAIL_ERROR. Message is: Sending failed;
  nested exception is: 
        javax.mail.MessagingException: Unknown SMTP host: shobeen.example.com;
  nested exception is: 
        java.net.UnknownHostException: shobeen.example.com. 

See the Usage Notes for advice on handling this situation.