Skip Headers
Oracle® Audit Vault Release Notes
Release 10.3

Part Number E23572-09
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Feedback page
Contact Us

  PDF · Mobi · ePub

Oracle® Audit Vault

Release Notes

Release 10.3

E23572-09

November 2012

These Release Notes contain important information that was not included in the Oracle Audit Vault Release 10.3 documentation.

This document contains these topics:

1 Downloading the Latest Version of This Document

You can download the most current version of this document from the following website:

http://www.oracle.com/technetwork/database/audit-vault/documentation/index.html

2 Upgrading from Oracle Audit Vault 10.2.3.2.x to 10.3.x

This section contains the following topics:

2.1 Preparing to Upgrade the Audit Vault Server

Before you begin the upgrade process, you must ensure that you are using Bundle Patch 7 or later of Audit Vault Release 10.2.3.2. You cannot upgrade from Oracle Audit Vault Release 10.2.3.2.6 or earlier to Release 10.3.

To check the bundle patch that you currently have installed on the Audit Vault Server:

  1. Open a shell or command prompt and go to the Audit Vault Server home directory.

  2. Set the Oracle Audit Vault Server environment variables.

    See the following section in Oracle Audit Vault Administrator's Guide for more information:

    http://docs.oracle.com/cd/E14472_01/doc.102/e14459/avadm_mng_config.htm#CEGHHIBD

  3. Run the following command to find the current version of the Audit Vault Server:

    $ avctl show_av_status
    
  4. If the version is Release 10.2.3.2.6 or earlier, then complete the remaining steps to upgrade to the latest bundle patch.

  5. Log into My Oracle Support.

    https://support.oracle.com

  6. Select the Patches and Updates tab.

  7. Search for patch ID 13087259 to find the Oracle Audit Vault Release 10.2.3.2.7 bundle patch.

  8. Select Download to download bundle patch 13087259.

  9. Select Read Me and then follow the instructions to install bundle patch 13087259.

  10. Upgrade Oracle Audit Vault Release 10.2.3.2.7 to the latest bundle patch.

2.2 Upgrading an Oracle Audit Vault Server Single Instance

After you have installed the bundle patch on your Oracle Audit Vault Server installation as described in Section 2.1, you are ready to complete the procedures in this section.

Note:

You must complete each step in these processes successfully before proceeding to the next step. Inspect all output and log files for failures, and take necessary corrective action to determine the recovery procedure if a failure occurs, referring to the appropriate Oracle documentation for the tool that has failed. If in doubt, contact Oracle Support.

Follow these steps:

2.2.1 Step 1: Prepare Oracle Audit Vault for the Upgrade

  1. Set the environment variables for the Oracle Audit Vault Server.

    See "Checking and Setting Environment Variables" in Chapter 2 of Oracle Audit Vault Administrator's Guide:

    http://docs.oracle.com/cd/E14472_01/doc.102/e14459/avadm_mng_config.htm#CEGJBIBF

  2. Back up the Oracle Audit Vault database.

    To use Oracle Recovery Manager (RMAN) to back up the database:

    1. Start RMAN:

      $ rman target /
      
    2. Issue the following RMAN commands. In the following example, the tag is named before_upgrade.

      BACKUP DATABASE FORMAT 'backup_directory%U' TAG before_upgrade;
      BACKUP CURRENT CONTROLFILE FORMAT 'save_controlfile_location';
      

    See Oracle Database Backup and Recovery Basics for more information about backing up a database. See the Oracle Database Release 11.2 documentation library for more information:

    http://www.oracle.com/pls/db112/homepage

  3. Back up the Audit Vault Server home directory.

    Back up or copy these files to another directory until after you have tested the upgrade.

    See Oracle Database Backup and Recovery User's Guide for information about backing up a home directory.

  4. Stop the Audit Vault Server.

    avctl stop_av 
    
  5. Disable Oracle Database Vault in the Oracle Audit Vault Server installation.

    See Appendix B, "Disabling and Enabling Oracle Database Vault," in Oracle Database Vault Administrator's Guide for Release 10.2.0.5:

    http://docs.oracle.com/cd/B19306_01/server.102/b25166/dvdisabl.htm

  6. Ensure that SYS/passwd@SID AS SYSDBA is in a password file, by running the orapwd utility.

    cd $ORACLE_HOME/dbs 
    orapwd file=orapw$ORACLE_SID
    password=password nosysdba=n force=y
    
  7. Drop the Oracle Enterprise Manager Database Control repository.

    emca -deconfig dbcontrol db -repos drop
    

    Enter the following information:

    Database SID: database_SID
    Listener port number: port_number
    Password for SYS user:  SYS_password
    Password for SYSMAN user: SYSMAN_password
    
  8. Shut down Oracle Database.

    SQL> SHUTDOWN IMMEDIATE
     
    
  9. Stop the listener.

    lsnrctl stop
    

2.2.2 Step 2: Install Oracle Audit Vault Server Release 10.3 in Software Only Mode

  1. Select an empty directory for the new $ORACLE_HOME directory. Do not reuse the existing Audit Vault $ORACLE_HOME directory.

  2. Go to the directory where you downloaded and unzipped Audit Vault Server 10.3.0.0.0.

  3. Unset the TZ environment variable.

    • In CSH:

      unsetenv TZ 
      
    • In KSH:

      export TZ=
      
    • In Bash:

      unset TZ
      
  4. Invoke the installer as follows:

    ./av/Disk1/runInstaller oracle_install_db_SID=SID
    

    SID is the SID of the Audit Vault 10.2.3.2.7 Server database that you are upgrading from.

2.2.3 Step 3: Download and Install the Latest Oracle Audit Vault Bundle Patch

  1. Download OPatch version 11.2.0.3.0 or later from My Oracle Support (patch ID 6880880).

  2. Unzip this downloaded zip file into the Release 10.3.0.0.0 Audit Vault Server home directory.

  3. Download the latest Oracle Audit Vault Release 10.3 bundle patch from My Oracle Support.

    https://support.oracle.com

  4. Unzip the downloaded the patch into a directory outside the Audit Vault Server home directory.

    A new directory named after the patch release number (for example, 12345678) is created.

  5. Set the environment variables for the new Oracle Audit Vault Server home directory as follows:

    • Set the ORACLE_SID environment variable to the SID used by Oracle Database Release 10.2.3.

    • Set the remaining environment variables to the new Audit Vault Server environment.

    See "Checking and Setting Environment Variables" in Chapter 2 of Oracle Audit Vault Administrator's Guide:

    http://docs.oracle.com/cd/E23574_01/admin.103/e23571/avadm_mng_config.htm#CEGJBIBF

  6. Apply the latest Audit Vault Release 10.3 bundle patch by using the opatch apply command from the directory in which you unzipped the patch.

    For example:

    $ORACLE_HOME/OPatch/opatch apply patch_number
    

    Ensure that you do not run the avca apply_patch command, even though the patch README instructs you to do so. (The README applies to upgrades from Release 10.3.0.0.0 to the latest bundle patch, not from Release 10.2.3.2.7.)

  7. Set the ORACLE_UNQNAME environment variable to match the ORACLE_SID value.

    • For single instance installations, set ORACLE_UNQNAME to match the ORACLE_SID value.

    • For Oracle RAC installations, set ORACLE_UNQNAME to match the database name (that is, not the node-specific SID).

    For example, if your shell is CSH and you are using a single-instance installation:

    setenv ORACLE_UNQNAME oracle_sid
    
  8. Run Net Configuration Assistant (NetCA) interactively.

    When the NetCA graphical interface appears, follow the instructions. Use a listener name LISTENER_Oracle_SID, where sid the value of the ORACLE_UNQNAME variable that you set in Step 7. Use the same listener port as in the Release 10.2.3.2.7 installation. You can find these values in the $ORACLE_HOME/network/admin/listener.ora file for the Release 10.2.3.2 installation.

  9. In the Audit Vault Server home directory, disable Oracle Database Vault.

    The Audit Vault Server uses Oracle Database Release 11.2. See the following instructions for disabling Database Vault on this server:

    http://docs.oracle.com/cd/E11882_01/server.112/e23090/dvdisabl.htm

  10. Run Database Upgrade Assistant (DBUA) manually by using the same SID as your Audit Vault Release 10.2.3.2.7 installation.

    dbua -silent -sid SID -oracleHome previous_Oracle_home_directory
    -disableArchiveLogMode -recompile_invalid_objects true -degree_of_parallelism 2
    -upgradeTimezone -emConfiguration LOCAL -dbsnmpPassword password
    -sysmanPassword password
    

    Check the upgrade logs for any errors in the location pointed by Database Upgrade Assistant before you proceed to the next step.

  11. In SQL*Plus, log in as SYS with the SYSDBA privilege and then set the COMPATIBLE initialization parameter to reflect the Release 11.2.0.3 upgrade.

    sqlplus sys as sysdba
    Enter password: password
    
    SQL> ALTER SYSTEM SET COMPATIBLE='11.2.0.3.0' SCOPE=SPFILE;
    
  12. Restart Oracle Database.

    SQL> SHUTDOWN IMMEDIATE
    SQL> STARTUP
     
    
  13. Run the AVCA upgrade script to upgrade Audit Vault, as follows:

    avca upgrade -old_oh Oracle_home
    

    Ensure that you specify the old Audit Vault Server Release 10.2.3.2.7 home directory in this step.

    When this script completes, the Audit Vault Server 10.3 upgrade is successful and Oracle Database Vault is automatically enabled.

  14. After the upgrade script completes successfully, run the following AVCTL command and check that the result shows the latest bundle patch release number:

    avctl show_av_status
    
  15. Ensure that listener_Oracle_SID is running with TCPS with HTTP.

    listener status listener_Oracle_SID
    

2.3 Upgrading an Oracle Audit Vault Server Oracle RAC Instance

After you have installed the bundle patch (BP7) on your Oracle Audit Vault Server installation as described in Section 2.1, you are ready to complete the procedures in this section.

Note:

You must complete each step in these processes successfully before proceeding to the next step. Inspect all output and log files for failures, and take necessary corrective action to determine the recovery procedure if a failure occurs, referring to the appropriate Oracle documentation for the tool that has failed. If in doubt, contact Oracle Support.

2.3.1 Step 1: Prepare Oracle Audit Vault for the Upgrade

  1. Check the Oracle RAC Cluster Ready Services (CRS) Version.

    Ensure that the CRS version is Release 11.2.0.3 or later. If the CRS version is not Release 11.2.0.3 or later, then you must first patch CRS to Release 11.2.0.3 before continuing with this upgrade.

  2. Set the environment variables for the Oracle Audit Vault Server.

    See "Checking and Setting Environment Variables" in Chapter 2 of Oracle Audit Vault Administrator's Guide:

    http://docs.oracle.com/cd/E14472_01/doc.102/e14459/avadm_mng_config.htm#CEGJBIBF

  3. Back up the Oracle Audit Vault database.

    To use Oracle Recovery Manager (RMAN) to back up the database:

    1. Start RMAN:

      $ rman target /
      
    2. Issue the following RMAN commands. In the following example, the tag is named before_upgrade.

      BACKUP DATABASE FORMAT 'backup_directory%U' TAG before_upgrade;
      BACKUP CURRENT CONTROLFILE FORMAT 'save_controlfile_location';
      

    See Oracle Database Backup and Recovery Basics for more information about backing up a database. See the Oracle Database Release 11.2 documentation library for more information:

    http://www.oracle.com/pls/db112/homepage

  4. Back up the Audit Vault Server home directory.

    Back up or copy these files to another directory until after you have tested the upgrade.

    See Oracle Database Backup and Recovery User's Guide for information about backing up a home directory.

  5. Shut down Oracle Database.

    SQL> SHUTDOWN IMMEDIATE
     
    
  6. Do the following in all nodes:

    1. Disable Oracle Database Vault in the Oracle Audit Vault Server installation.

      See Appendix B, "Disabling and Enabling Oracle Database Vault," in Oracle Database Vault Administrator's Guide for Release 10.2.0.5:

      http://docs.oracle.com/cd/B19306_01/server.102/b25166/dvdisabl.htm

    2. Ensure that SYS/passwd@SID AS SYSDBA is in a password file, by running the orapwd utility.

      cd $ORACLE_HOME/dbs
      orapwd file=orapw$ORACLE_SID password=password nosysdba=n force=y
      
  7. In the primary node, drop the Oracle Enterprise Manager Database Control repository.

    emca -deconfig dbcontrol db -repos drop
    

    Enter the following information:

    Database SID: database_SID
    Listener port number: port_number
    Password for SYS user:  SYS_password
    Password for SYSMAN user: SYSMAN_password
    
  8. Stop the Audit Vault Server.

    avctl stop_av 
    
  9. Stop the listener.

    srvctl stop listener
    

2.3.2 Step 2: Install Oracle Audit Vault Server Release 10.3 in Software Only Mode

  1. Select an empty directory for the new $ORACLE_HOME directory. Do not reuse the existing Audit Vault $ORACLE_HOME directory.

  2. Go to the directory where you downloaded and unzipped Audit Vault Server 10.3.0.0.0.

  3. Unset the TZ environment variable.

    • In CSH:

      unsetenv TZ 
      
    • In KSH:

      export TZ=
      
    • In Bash:

      unset TZ
      
  4. Invoke the installer as follows:

    ./av/Disk1/runInstaller oracle_install_db_SID=SID
    

    SID is the SID of the Audit Vault 10.2.3.2.7 Server database that you are upgrading from.

    In an Oracle RAC environment, the database unique name differs from the database SID. The SID is node-specific, whereas the database unique name is not. Therefore, ensure that you use the SID, not the database unique name when you invoke the installer.

2.3.3 Step 3: Download and Install the Latest Oracle Audit Vault Bundle Patch

  1. Download OPatch version 11.2.0.3.0 or later from My Oracle Support (patch ID 6880880).

  2. Unzip this downloaded zip file into the Release 10.3.0.0.0 Audit Vault Server home directory.

  3. Download the latest Oracle Audit Vault Release 10.3 bundle patch from My Oracle Support.

    https://support.oracle.com

  4. Unzip the downloaded the patch into a directory outside the Audit Vault Server home directory.

    A new directory named after the patch number (for example, 12345678) is created.

  5. Set the environment variables for the new Oracle Audit Vault Server home directory as follows:

    • Set the ORACLE_SID environment variable to the SID used by Oracle Database Release 10.2.3.

    • Set the remaining environment variables to the new Audit Vault Server environment.

    See "Checking and Setting Environment Variables" in Chapter 2 of Oracle Audit Vault Administrator's Guide:

    http://docs.oracle.com/cd/E23574_01/admin.103/e23571/avadm_mng_config.htm#CEGJBIBF

  6. Apply the latest Oracle Audit Vault Release 10.3 bundle patch by using the opatch apply command from the directory in which you unzipped the patch.

    For example:

    $ORACLE_HOME/OPatch/opatch apply patch_number
    

    Ensure that you do not run the avca apply_patch command, even though the patch README instructs you to do so. (The README applies to upgrades from 10.3.0.0.0 to the latest bundle patch, not from 10.2.3.2.7.)

  7. Set the ORACLE_UNQNAME environment variable as follows:

    • For single instance installations, set ORACLE_UNQNAME to match the ORACLE_SID value.

    • For Oracle RAC installations, set ORACLE_UNQNAME to match the database name (that is, not the node-specific SID).

    For example, if your shell is CSH and you are using a single-instance installation:

    setenv ORACLE_UNQNAME oracle_sid
    
  8. Run Net Configuration Assistant (NetCA) interactively and accept all the defaults. Ensure that the port that you specify is not in use.

    dbua
    
  9. Run Database Upgrade Assistant (DBUA) manually by using the same SID as your 10.3.2.6 or 10.2.3.2.7 installation.

    dbua -silent -sid SID -oracleHome 10.2.3.2.x_Server_Oracle_home_directory
    -disableArchiveLogMode -recompile_invalid_objects true -degree_of_parallelism 2
    -upgradeTimezone -emConfiguration LOCAL -dbsnmpPassword password
    -sysmanPassword password
    
  10. In SQL*Plus, log in as SYS with the SYSDBA privilege and then set the COMPATIBLE initialization parameter to reflect the Release 11.2.0.3 upgrade.

    sqlplus sys as sysdba
    Enter password: password
    
    SQL> ALTER SYSTEM SET COMPATIBLE='11.2.0.3.0' SCOPE=SPFILE;
    
  11. Restart Oracle Database.

    SQL> SHUTDOWN IMMEDIATE
    SQL> STARTUP
     
    
  12. Run the AVCA upgrade script to upgrade Audit Vault, as follows:

    avca upgrade -old_oh Oracle_home -rac Y -racnode node_1,node_2, node_n
    

    Ensure that you specify the old Audit Vault Server Release 10.2.3.2.7 home directory in this step.

    When this script completes, the Audit Vault Server 10.3 upgrade is successful and Oracle Database Vault is automatically enabled.

  13. Enable Oracle Database Vault manually on all the other nodes.

    See Appendix B, "Disabling and Enabling Oracle Database Vault," in Oracle Database Vault Administrator's Guide for Release 11.2:

    http://docs.oracle.com/cd/E11882_01/server.112/e23090/dvdisabl.htm

  14. After the upgrade script completes successfully, then run the following AVCTL command and check that the result shows the release number for the latest Oracle Audit Vault bundle patch:

    avctl show_av_status
    

2.4 Upgrading the Oracle Audit Vault Agent

This section contains:

2.4.1 Information Required to Upgrade the Audit Vault Agent to the Latest Bundle Patch

You must have the name of the agent, the agent user name, and the agent password that were provided during the initial installation of the Audit Vault Agent. For example, if the Release 10.2.3.2.7 agent name is myagent and it is configured to use the user name myagentuser, then you must use the same agent name/user name for the Release 10.3.0.0.0 agent as well, because it is an upgrade.

If you do not remember the name of the agent or the agent user name, then you can find them by logging into the Audit Vault Console, and clicking on the Agents tab. You may need to view or edit the agent to obtain the user name.

If you cannot remember the agent password, follow the instructions in Chapter 5, Section 5.4.4, "Changing the AV_AGENT Password," in the Oracle Audit Vault Administrator's Guide.

2.4.2 Preparing to Upgrade the Oracle Audit Vault Agent

Before upgrading an Oracle Audit Vault Agent to the latest bundle patch, ensure that you have already upgraded the Oracle Audit Vault Server to the latest bundle patch. An Audit Vault Server can only manage agents with version numbers less than or equal to its own.

You can upgrade to the Release 10.3 version of Oracle Audit Vault if your agent version is 10.2.3.2.6 or later.

To check the bundle patch that you currently have installed for the Audit Vault agent:

  1. Go to the computer on which you have installed Audit Vault agent home.

  2. Set the Audit Vault agent environment variables.

    See the following section in Oracle Audit Vault Administrator's Guide for more information:

    http://docs.oracle.com/cd/E14472_01/doc.102/e14459/avadm_mng_config.htm#CEGHHIBD

  3. Run the following command to find the current version of the Audit Vault agent:

    $ cat $ORACLE_HOME/oc4j/j2ee/home/applications/AVAgent/AVAgent/WEB-INF/classes/av.properties
    

    Output similar to the following appears. Look for the line that begins with av.release.version to find the currently installed version.

    #Thu Mar 01 13:17:48 PST 2012
    av.agent.name=Local
    av.dn=
    av.log.level=INFO
    url=jdbc\:oracle\:oci\:@AV
    av.agent=true
    av.release.version=10.2.3.2.6
    
  4. If the version is Oracle Audit Vault Release10.2.3.2.5 or earlier, then complete the remaining steps in this procedure to upgrade to Release 10.2.3.2.7.

  5. Log into My Oracle Support.

    https://support.oracle.com

  6. Select the Patches and Updates tab.

  7. Search for patch ID 13087259 to find the Oracle Audit Vault Release 10.2.3.2.7 bundle patch.

  8. Select Download to download bundle patch 13087259.

  9. Select Read Me and then follow the instructions to install bundle patch 13087259.

  10. Stop all collectors that are running in the agent, and then stop the agent, as follows:

    1. Set the environment variables as described in the following section of Oracle Audit Vault Administrator's Guide:

      http://docs.oracle.com/cd/E14472_01/doc.102/e14459/avadm_mng_config.htm#CEGHHIBD

    2. From the Audit Vault Server, stop the collectors.

      avctl stop_collector -collname collector_name -srcname source_name
      
    3. From the Audit Vault collection agent, stop the agent.

      avctl stop_agent
      

2.4.3 Upgrading the Audit Vault Agent to Release 10.3.0.0.0

  1. Unset the ORACLE_HOME, ORACLE_BASE, TWO_TASK, and TNS_ADMIN environment variables.

    For example:

    unset ORACLE_HOME
    unset ORACLE_BASE
    unset TWO_TASK
    unset TNS_ADMIN
    
  2. Install Audit Vault Agent 10.3.0.0.0.

    When prompted, specify the same agent name, agent user name, and password that you used in the previous release. See Section 2.4.1 for more information.

    See Oracle Audit Vault Agent Installation Guide:

    http://docs.oracle.com/cd/E23574_01/install.103/e23588/toc.htm

  3. After the installation completes successfully, set the environment variables to match the directory in which you installed the Audit Vault Release 10.3 agent.

    See the following section in Oracle Database Vault Administrator's Guide, Release 10.3, Chapter 2, "Registering Source Databases and Collectors."

    http://docs.oracle.com/cd/E23574_01/admin.103/e23571/avadm_mng_config.htm#CEGJBIBF

  4. Run the AVCA upgrade script:

    avca upgrade -old_oh 10.2.3.2.x_Agent_Oracle_home
    

    The script should complete almost immediately. When this script completes, the Audit Vault Agent 10.3 upgrade is successful. It does not produce any output for a successful upgrade. If there are errors, then check the $ORACLE_HOME/av/log/avca.log file.

  5. Uninstall the Audit Vault 10.2.3 agent.

    1. Open a new terminal window.

    2. In the previous Oracle home directory, run the $ORACLE_HOME/oui/bin/runInstaller to start Oracle Universal installer.

    3. In Oracle Universal Installer, choose Deinstall Products.

2.4.4 Applying the Latest Audit Vault Agent Bundle Patch

The latest Oracle Audit Vault Release 10.3 is available on My Oracle Support.

3 Postinstallation Tasks

After you install Oracle Audit Vault, check if there is a patch set or critical patch update (CPU) available. Before applying any Oracle Audit Vault patch sets, back up your Oracle Audit Vault database, the Oracle Audit Vault Server home, and the Oracle Audit Vault collection agent home. See Section 3.1 for more information.

This section describes the following postinstallation tasks if you need to update this patch:

3.1 Back Up and Recovery of Oracle Audit Vault

Back up the files before you begin a critical patch upgrade and keep these files until you have tested the upgrade.

3.2 Critical Patch Update (CPU)

A CPU is a collection of patches for security vulnerabilities. It also includes non-security fixes required (because of interdependencies) by those security patches. CPUs are cumulative, and they are provided quarterly on the Oracle Technology Network (OTN). As a best practice, apply the latest CPUs to the Oracle Audit Vault Server.

For information about critical patch updates and security alerts, see:

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

4 General Installation: All Platforms

This section describes known issues and workarounds for single instance and Oracle installations on all platforms.

This section contains:

4.1 Errors in avca.log After a Server Upgrade

When you upgrade the Audit Vault Server from a previous release, error messages appear in the $ORACLE_HOME/av/log/avca.log file. This problem does not affect the Audit Vault agent installation.

These error messages are as follows:

ORA-00001: unique constraint (DVSYS.*) violated 
ORA-00955: name is already used by an existing object 
ORA-02260: table can have only one primary key 
ORA-02261: such unique or primary key already exists in the table 
ORA-02275: such a referential constraint already exists in the table 
ORA-02303: cannot drop or replace a type with type or table dependents 
ORA-04042: procedure, function, package, or package body does not exist 
ORA-01920: user name '*' conflicts with another user or role name 
ORA-01921: role name '*' conflicts with another user or role name 
ORA-01951: ROLE 'AV_*' not granted to 'SYS' 
ORA-01952: system privileges not granted to 'DBA' 
ORA-24145: evaluation context DVSYS.* already exists 

Workaround: You can ignore these error messages.

Oracle Bug: 8489866

4.2 Invalid Objects Appear After Upgrade of Single Instance Database from Audit Vault 10.2.3.2.6 to 10.3

After you upgrade from Audit Vault Release 10.2.3.2.x to Release 10.3, invalid objects may appear.

For example:

SQL> SELECT OBJECT_NAME, OBJECT_ID, OWNER FROM ALL_OBJECTS WHERE STATUS='INVALID';

OBJECT_NAME                     OBJECT_ID OWNER
------------------------------ ---------- ------------------------------
DV$3                                71282 DVSYS
DV$4                                71283 DVSYS

2 rows selected. 

Workaround: Run the UTL_RECOMP.RECOMP_SERIAL PL/SQL procedure to recompile the invalid objects.

exec utl_recomp.recomp_serial('DVSYS');

Oracle Bug: 13389960

4.3 Audit Vault Agent Deinstallation Error

When deinstalling Audit Vault Agent from home, you may see the following error.

AVAGENT DEINSTALL FROM HOME EXISTING WITH THE FOLLOWING ERROR
----------------------------------------------------------------------
 
## [START] Oracle install clean ##
 
ERROR: null
Exited from program.


############# ORACLE DEINSTALL & DECONFIG TOOL END #############
------------------------------------------------------------------- 

Workaround: You can ignore this message. The prompt returns following the displayed message.

Oracle Bug: 13400226

4.4 Errors When Running DBUA During Upgrade for Oracle RAC

During the Audit Vault Server upgrade process from Audit Vault Release 10.2.3.6 to 10.3 for Oracle RAC installations, the following errors appear when the upgrade process reaches the Enterprise Manager repository stage while running Database Upgrade Assistant (DBUA):

  • ORA-01403: no data found

  • ORA-01704: string literal too long

Workaround: You can ignore these messages. The upgrade process will complete successfully.

Oracle Bug: 13458418

4.5 Oracle RAC Remote Databases Down on IBM AIX on Power Systems After Installation

On Oracle RAC systems on the IBM AIX on Power platform, after the Oracle Audit Vault Server RAC installation has completed, the remote database instances may be down.

Workaround: Use the following command to start each remote database instance from the primary node:

$ORACLE_HOME/bin/srvctl start instance -d database_SID -i instance_SID

Oracle Bug: 13387318

4.6 Installation Failures on IBM AIX 6.1 TL7 SP1 Systems

On IBM AIX 6.1 TL7 SP1 systems, the Oracle Audit Vault installation fails with a relinking error or with an ORA-12547 TNS:lost contact error.

Workaround: Upgrade to IBM AIX 6.1 TL7 SP2 so that you can obtain the APAR IV09580 and other IBM bug fixes, and then try the installation again.

Oracle Bug: 13626936

4.7 SQL Exception Error During 10.2.3.2.7 to redact_partial_cc Upgrade

An error similar to the following error appears in the av-client.log file during an Audit Vault Release 10.2.3.2.7 to the latest bundle patch upgrade:

SEVERE: ReportGenerator: 
SQLException after connect: ORA-00904: "APEX_PROTOCOL": invalid identifier 
 
/May 17, 2012 9:48:55 AM Thread-12 SEVERE: oracle.jms.AQjmsException: 
JMS-120: Dequeue failed 
oracle.jms.AQjmsException: JMS-120: Dequeue failed 

Workaround: You can disregard this error. It does not affect the upgrade process.

Oracle Bug: 14093979

5 General Administration and Configuration Issues

This section contains:

5.1 Accessing Audit Vault Console on Oracle as Auditor Fails

After you install the Audit Vault Server on an Oracle cluster, accessing the Audit Vault console using the AV_AUDITOR role fails on some versions of Internet Explorer (IE). After you log in as AV_AUDITOR, there may be an error.

Workaround: If you log in as AV_AUDITOR, and see an error right after logging in, click on the Diagnose Network Problem button. You should then be able to log in.

Oracle Bug: 13369982

5.2 OSAUD Collector Crashing When Reading syslog.conf File

When used to collect syslog data, the OSAUD collector can crash continuously and without recovery if the syslog.conf file was not created with the proper syntax.

Workaround: Ensure that you created the syslog.conf file using the correct syntax. Refer to the operating system documentation for information about editing the syslog.conf file and the proper syntax to use. If an invalid syslog.conf syntax is causing the collector crash, then fix the syslog.conf file. After you restart the OSAUD collector, then the collector activities should resume. To restart the collector, run the avctl stop_collector and avctl start_collector commands using the following syntax:

avctl stop_collector -collname collector_name -srcname source_name 
avctl start_collector -collname collector_name -srcname source_name 

Oracle Bug: 13498703

5.3 Agent OC4J Agent Core Dumps When the JAVA_COMPILER Environment Variable Is Set

On the IBM AIX on POWER Systems (64-Bit) system, if the JAVA_COMPILER environment variable is set, then the agent OC4J may dump core when you try to run the avctl start_collector command.

Workaround: Follow these steps:

  1. Unset the JAVA_COMPILER environment variable.

    For example:

    unset JAVA_COMPILER
    
  2. Restart the agent.

    avctl stop_agent
    avctl start_agent
    

Oracle Bug: 13567520

5.4 Logging into Enterprise Manager Database Console Throws ORA-12505 Error in Oracle RAC

When logging into the Oracle Enterprise database console after you have installed Oracle Audit Vault in an Oracle RAC environment, you may see the following error:

java.lang.Exception: ORA-12505: TNS:listener does not currently know of SID given in connect descriptor

Workaround: See the articles 1312904.1 and 975457.1 in My Oracle Support, which is available from the following website:

https://support.oracle.com

Oracle Bug: 13387385

5.5 Audit Vault Collectors Fail to Start on Windows 2008 R2 Systems

On Microsoft Windows 2008 R2 systems, the Audit Vault collectors fail to start successfully. This is because the Oracle Audit Vault Agent service is installed under the Local System account, which is the account under which the service is installed by default.

Workaround: To start the collectors successfully without errors, follow these steps:

  1. From the Windows Start menu, select Control Panel, then Administrative Tools, then Services.

  2. Under Name, select the agent service for your name.

    Typically, this name is Oracle Audit Vault Agent agent_name.

  3. Right-click the name of the agent service and from the menu, select Properties.

  4. In the Properties dialog box, select the Log On tab.

  5. Select the This Account option.

  6. In the This account and Password fields, enter the user name and password of Windows OS user account that was used to install the Oracle Audit Vault agent software (that is, the Oracle Audit Vault Agent Software Owner).

    A message saying This user has been granted Log on as Service rights appears.

  7. Click OK.

  8. Click OK.

  9. To start the service, in the Service control panel, right-click the Oracle Audit Vault Agent agent_name. service and from the menu, select Start.

Oracle Bug: 13651797

5.6 On AIX the Start Collector Fails with an HTTP Communication Error

On IBM AIX on POWER Systems (64-bit) systems, sometimes the avctl start_collector command fails with the following error message:

Http Communication error : Connection refused

Check if the agent OC4J process dumped core. You can find a core dump in the directory from where the agent was started.

Workaround: Start the agent and then re-issue the avctl start_collector command.

For example, assuming the collector is DBAUD_Collector and the source name is hr_db:

avctl start_agent

avctl start_collector -collname DBAUD_Collector -srcname hr_db

Oracle Bug: 13642701

5.7 NLS Issue: Unable to Read Some Strings Defined in Properties File

Some strings that are defined in the NLS properties files are unable to be read. As a result, in the Oracle Enterprise Manager Cloud Control pages, the key for the string appears and not the string itself. An example of this problem appears in Chapter 6, "Using Oracle Audit Vault in Enterprise Manager Cloud Control," in Section 6.7.1. In Figure 6-5, "Audit Vault Agents Home Page," the Incidents and Problems area shows incidents_and_problems_escala.... It should show the corresponding string, Escalated, instead.

Workaround: None

Oracle Bug: 13621348

6 Source Database Configuration Issues

There are no known source database configuration issues for Oracle Audit Vault.

7 Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.


Oracle Audit Vault Release Notes, Release 10.3

E23572-09

Copyright © 2012, Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.