PK
.j?oa, mimetypeapplication/epub+zipPK .j? iTunesMetadata.plistW
This chapter describes the procedure to upgrade an Oracle Audit Vault Server (Audit Vault Server) installation from release 10.2.2.1.0 or earlier to release 10.2.3.0.0. This chapter includes the following topics:
You cannot roll back the Audit Vault Server upgrade installation. Back up the current installation before performing the upgrade.
Back Up the Database
After cleanly shutting down the instance following the analysis of the database, you should perform a full backup of the database. Complete the following steps:
Sign on to RMAN:
rman "target / nocatalog"
Issue the following RMAN commands:
BACKUP DATABASE FORMAT 'backup_directory%U' TAG before_upgrade;
BACKUP CURRENT CONTROLFILE TO 'save_controlfile_location';
Caution: If you encounter problems with the upgrade and wish to abandon the upgrade completely, then you will need to restore the database from this backup. Therefore, make sure you back up your database now as a precaution. |
See Also: Oracle Database Backup and Recovery Basics for more information about backing up a database. |
Back Up Audit Vault Server Home
Because the upgrade will update files in the Oracle Audit Vault Server home, these files should all be backed up or copied to another directory until the patchset has been tested.
Abandon the Upgrade
If the upgrade is not successful, to abandon the upgrade, perform the following steps:
Copy (Restore) the Oracle Audit Vault Server home files back.
If you completed the steps in Back Up the Database to back up your database, then restore that backup. Complete the following steps:
Log in to the system as the owner of the Oracle home directory of the previous release.
Sign on to RMAN:
rman "target / nocatalog"
Issue the following RMAN commands:
STARTUP NOMOUNT RUN { REPLICATE CONTROLFILE FROM 'save_controlfile_location'; ALTER DATABASE MOUNT; RESTORE DATABASE FROM TAG before_upgrade ALTER DATABASE OPEN RESETLOGS; }
The only requirement to perform an upgrade to Audit Vault Server 10.2.3.0.0 is that Oracle Universal Installer detects an older release of an Audit Vault Server (release 10.2.2.1.0 or earlier) installed on your system.
To upgrade to Oracle Audit Vault Server release 10.2.3, you must follow this sequence of steps to shut down Oracle Audit Vault components, perform the server upgrade, perform the collection agent upgrade, then start up Oracle Audit Vault components:
Step 9: Perform the Postupgrade Procedure in the Audit Vault Server Home
See the information about upgrading an Oracle Audit Vault collection agent in Oracle Audit Vault Collection Agent Installation Guide for more information.
Details of each of these steps follows.
Step 1: Ensure the NLS_LANG Environment Variable Is Not Set
The NLS_LANG
environment variable must not be set.
For example, for C shell:
unsetenv NLS_LANG
For example, for Bourne, Bash, or Korn shells:
unset NLS_LANG
Step 2: Stop All Collectors
You must stop all collectors associated with the Audit Vault Server to which this upgrade installation is being applied.
From the Audit Vault Server home with ORACLE_HOME
, ORACLE_SID
, and PATH
environment variables properly set for the Audit Vault Server home, use the following command syntax to stop each collector.
avctl stop_collector -collnamecollector-name
-srcnamesource-name
Step 3: Stop All Collection Agents
You must stop all collection agents associated with the Audit Vault Server to which this upgrade installation is being applied.
From the Audit Vault Server home with ORACLE_HOME
, ORACLE_SID,
and PATH
environment variables properly set for the Audit Vault Server home, use the following command syntax to stop each collection agent.
avctl stop_agent -agentname agent-name
Step 4: Stop the Agent OC4J
You must stop all agent OC4J associated with the Audit Vault Server to which this upgrade installation is being applied. There is one agent OC4J associated with each collection agent.
From each Oracle Audit Vault Agent home with ORACLE_HOME
, LD_LIBRARY_PATH
, LIBPATH
, and PATH
environment variables properly set for the Audit Vault Agent home, use the following command syntax to stop each agent OC4J.
avctl stop_oc4j
Step 5: Stop the Oracle Audit Vault Console
From the Audit Vault Server home with ORACLE_HOME
, ORACLE_SID
, and PATH
environment variables properly set for the Audit Vault Server home, use the following command syntax to stop the Oracle Audit Vault Console.
avctl stop_av
In an Oracle RAC environment, run the command on all nodes where Oracle Audit Vault is installed.
Note: In an Oracle RAC environment, do not shut down Enterprise Manager on the remote nodes; otherwise, you will have to manually start up Enterprise Manager on these remote nodes following an upgrade to Audit Vault Server release 10.2.3.0.0. |
Step 6: Shut Down the Oracle Audit Vault Database
From the Audit Vault Server home, use the following command to shut down the Oracle Audit Vault Database.
sqlplus /nolog SQL*Plus: Release 10.2.0.3.0 - Production on Thu Dec 13 22:51:56 2007 Copyright (c) 1982, 2007, Oracle. All Rights Reserved. SQL> connect sys as sysoper Enter password: Connected. SQL> SQL> shutdown immediate Database closed. Database dismounted. Oracle instance shut down. SQL> exit
In an Oracle RAC environment, run the following command from the local node:
$ORACLE_HOME/bin/srvctl stop database –dAVdatabase name
-q Connect string: [/ as sysdba] sys/sys password
as sysdba
Step 7: Stop the Listener
From the Audit Vault Server home, use the following command to stop the listener. The listener name is usually LISTENER. Perform the lsnrctl status
command to determine the name of the listener.
$ORACLE_HOME/bin/lsnrctl stop Listener-name
In an Oracle RAC environment, run the command on all nodes where Oracle Audit Vault is installed.
Step 8: Perform the Upgrade to Oracle Audit Vault Server Release 10.2.3.0.0 in the Audit Vault Server Home
Perform the following steps to perform the upgrade to Oracle Audit Vault Server release 10.2.3.0.0 in the Audit Vault Server home:
Locate the Oracle Audit Vault Server release 10.2.3 media and mount the media.
Start Oracle Universal Installer (OUI) from the directory where the runInstaller program is located.
cd directory-containing-Oracle-Audit-Vault-Server-Installation-Files
./runInstaller
On the Oracle Audit Vault Server Installation Select Installation Type window, when the installer detects an upgradable release, it automatically selects the Upgrade Existing Audit Vault Server Home option and displays the upgradable home path specifications. If there is more than one upgradable path to upgrade, review the path names, and select the path specification to upgrade. Then click Next.
For an Oracle RAC installation, a node selection screen displays. All fields are disabled. You cannot make changes. This screen is displayed to show on what nodes this installation upgrade is going to be installed.
The Summary Page screen is displayed. Check the space requirements. Note that 672 MB of space is required to the upgrade to Oracle Audit Vault Server 10.2.3.0.0, which includes 117 MB of temporary space. Next, review each of the items that are about to be installed. Click Install.
The Configuration Assistant screen appears and proceeds to apply Audit Vault Server one-off patches and then the Audit Vault Upgrade Assistant runs some AVCA scripts to continue the release 10.2.3 upgrade installation.
On the End of Installation screen, you should see a message indicating a successful installation. Take note of the URL for the Oracle Audit Vault Console 10.2.3.0.0. Click Exit to exit the Oracle Universal Installer. Then on the Exit confirmation screen for the prompt "Do you really want to exit?", click Yes to confirm the exit operation.
See Oracle Audit Vault Collection Agent Installation Guide for information on upgrading all Oracle Audit Vault collection agent release 10.2.2.1.0 or earlier collection agents that are associated with your recently upgraded Audit Vault Server installation to release 10.2.3.0.0.
Step 9: Perform the Postupgrade Procedure in the Audit Vault Server Home
Perform the following postupgrade procedure in the Audit Vault Server home:
Stop the Oracle Audit Vault Console.
avctl stop_av
Shut down the Oracle Audit Vault Database.
sqlplus /nolog SQL*Plus: Release 10.2.0.3.0 - Production on Thu Dec 13 22:51:56 2007 Copyright (c) 1982, 2007, Oracle. All Rights Reserved. SQL> connect sys as sysoper Enter password: Connected. SQL> SQL> shutdown immediate Database closed. Database dismounted. Oracle instance shut down. SQL> exit
In an Oracle RAC environment, run the following command from the local node:
$ORACLE_HOME/bin/srvctl stop database –dAVdatabase name
-q Connect string: [/ as sysdba] sys/sys password
as sysdba
Now, enable the Database Vault instance.
cd $ORACLE_HOME/rdbms/lib make -f ins_rdbms.mk dv_on ioracle
Step 10: Perform the Upgrade to Oracle Audit Vault Collection Agent Release 10.2.3.0.0 in the Audit Vault Collection Agent Homes
Note: All release 10.2.2.1.0 or earlier Oracle Audit Vault collection agents associated with the recently upgraded Audit Vault Server to release 10.2.3.0.0 can now be upgraded to Oracle Audit Vault collection agent release 10.2.3.0.0 in order to maintain compatibility with this most current release of the Audit Vault Server. See the information about upgrading an Oracle Audit Vault collection agent in Oracle Audit Vault Collection Agent Installation Guide for more information. |
Step 11: Start All Collection Agents
From the Audit Vault Server home with ORACLE_HOME
, ORACLE_SID
, and PATH
environment variables properly set for the Audit Vault Server home, use the following command syntax to start each collection agent.
avctl start_agent -agentname agent-name
Step 12: Start All Collectors
From the Audit Vault Server home with ORACLE_HOME
, ORACLE_SID
, PATH
, LIBPATH,
and LD_LIBRARY_PATH
environment variables properly set for the Audit Vault Server home, use the following command syntax to start each collector.
avctl start_collector -collnamecollecctor-name
-srcnamesource-name
Step 13: Monitor the Oracle Audit Vault System
This step is a reminder to monitor the Oracle Audit Vault system to ensure all Oracle Audit Vault components are running and the system is operational. See the Oracle Audit Vault for more information.
Note: The basic installation is not supported in silent mode. Silent installation is only supported for the advanced upgrade installation. |
Follow these brief steps to perform a silent upgrade installation using a response file:
Make sure all prerequisites are met for the installation of Audit Vault Server and Oracle Audit Vault collection agent.
Prepare the Audit Vault Server response file. A template response file can be found at AV installer location
/response/upgrade_av.rsp
on the Audit Vault Server installation media.
Prepare the response file by entering values for all parameters that are missing in the first part of the response file, then save the file. Note that for single instance installations, RAW storage is not used. Also note that the CLUSTER_NODES
parameter must be specified for installing Audit Vault Server in an Oracle RAC environment. Do not edit any values in the second part of either response file.
Set the DISPLAY
environment variable to an appropriate value before proceeding with the silent installation. See Section 2.11 for more information.
Invoke Oracle Universal Installer using the following options:
./runInstaller -silent -responseFile path_of_response_file
For more information about these options, see Section 1.3.2. For general information about how to complete a database installation using response files, see Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for AIX Based Systems.
Note that after performing an Oracle Audit Vault Server upgrade, because the upgrade is an inplace upgrade, the original directory structure is still in use. This means the ORACLE_HOME
, PATH
, LIBPATH
, and LD_LIBRARY_PATH
environment variables are the same as they were prior to the upgrade.
See Section 3.7 for any additional post upgrade installation tasks.
This chapter includes an overview of the major steps required to install single instance Oracle Audit Vault Server (Audit Vault Server) and to install Audit Vault Server with Oracle Real Application Clusters (Oracle RAC).
This chapter includes the following sections:
The Oracle Audit Vault Server software is available:
On digital video disc (DVD)
For download on Oracle Technology Network, http://www.oracle.com/technology/index.html
For an overview of requested information specific to the Audit Vault Server installation, see Section 3.6.
See Section 2.12 for important information about setting the correct locale.
To perform Audit Vault Server single instance basic installation:
Invoke Oracle Universal Installer (OUI) to install Oracle Audit Vault as an Oracle Database 10g release 2 (10.2.0.3) database.
Log in as the oracle
user. Alternatively, switch the user to oracle
using the su -
command. Change your current directory to the directory containing the installation files. Start Oracle Universal Installer from the Oracle Audit Vault package.
cd directory-containing-the-Oracle-Audit-Vault-installation-files
./runInstaller
Note: On AIX 6L version 6.1, use the ignoreSysPrereqs flag:./runinstaller -ignoreSysPrereqs |
Oracle Universal Installer starts up by first checking the following installation requirements and displaying the results. For example, it shows what the value should be or must be greater than or at least equal to, then the actual value for each check and the check result status: Passed or Failed.
Checking operating system version: must be 5200, 5300 or 6100 Passed
Checking temp space: must be greater than 80 MB. Actual 15412 MB Passed
Checking swap space: must be greater than 150 MB. Actual 3931 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 65536 Passed
Then Oracle Universal Installer prepares to launch itself.
On the Select Installation Type page, select the Basic Installation option, then click Next.
Enter the following information on the Basic Installation Details page. See Section 3.6 for more information about each of these topics.
Audit Vault Name – A unique name for the Oracle Audit Vault database. The Oracle Audit Vault name is required. The name will be used as the database SID, and will be the first portion (db_name
) of the database service name.
Audit Vault Home – Specify or browse to find the path to the Oracle Audit Vault Home where you want to install Oracle Audit Vault. Install the Audit Vault Server into a new home directory.
Audit Vault Administrator and Audit Vault Auditor – The account name of the Oracle Audit Vault Administrator and a separate, optional Oracle Audit Vault Auditor, respectively. The Oracle Audit Vault administrator and Oracle Audit Vault auditor account names must not be the same. The Oracle Audit Vault Administrator account name is required. Accept the selected Create a Separate Audit Vault Auditor check box to choose to create the Oracle Audit Vault Auditor account name. The check box is selected by default. Deselecting the check box disables the text fields for the Oracle Audit Vault Auditor user name and password. The Oracle Audit Vault Administrator in this case will also be granted the role of Oracle Audit Vault Auditor.
The Oracle Audit Vault Administrator user name will also be used for the following Oracle Database Vault users that are created to facilitate the separation of duties:
AV_ADMIN
dvo
– The Database Vault Owner (granted DV_OWNER
role) to manage Database Vault roles and configuration, where AV_ADMIN
represents the Oracle Audit Vault Administrator user name.
AV_ADMIN
dva
– The Database Vault Account Manager (granted DV_ACCTMGR
role) to manage database user accounts, where AV_ADMIN
represents the Oracle Audit Vault administrator user name.
Administrator Password and Auditor Password – The password for the Oracle Audit Vault administrator account and the Oracle Audit Vault auditor account, respectively.
There cannot be repeating characters in each password. The length of each password must be between 8 and 30 characters. Each password must consist of at least one alphabetic character, one numeric character, and one of the special characters shown in Table 3-2.
The password entered for the Oracle Audit Vault administrator account will also be used for the standard database accounts (sys
, system
, sysman
, dbsnmp
).
The Oracle Audit Vault administrator password will also be used for the Oracle Database Vault users (Database Vault Owner and the Database Vault Account Manager users) that are created to facilitate the separation of duties.
Confirm Password – The confirming password for the Oracle Audit Vault Administrator account and the Oracle Audit Vault auditor account, respectively.
Each password must be identical to its corresponding password confirmation.
After entering the required information, click Next to continue with the installation. The Next button is enabled only when information has been entered for all required fields. Validation of information is done on all user input after you click Next. The installation process will not continue until all required input passes validation.
If this is the first installation of an Oracle product on the system, then the Oracle Universal Installer displays the Specify inventory directory and credentials page, where you must enter the Inventory directory location and the OS group name, then click Next.
Review the installation prerequisite checks on the Prerequisite Check page. This is when all installation prerequisite checks are performed and the results are displayed. Verify that all prerequisite checks succeed, then click Next.
Oracle Universal Installer checks the system to verify that it is configured correctly to run Oracle software. If you have completed all of the preinstallation steps in this guide, all of the checks should pass.
If a check fails, then review the cause of the failure listed for that check on the screen. If possible, rectify the problem and rerun the check. Alternatively, if you are satisfied that your system meets the requirements, then you can select the check box for the failed check to manually verify the requirement.
Review the installation summary information on the Basic Installation Summary page. After reviewing this installation information, click Install to begin the installation procedure. The installation will copy files, link binaries, apply patches, run configuration assistants, including DBCA to create and start the Audit Vault Server, DVCA to secure the server, and AVCA to configure and start Oracle Audit Vault Console.
At the end of running DBCA to configure the software and create the database, a message displays, click OK to continue.
Provide information or run scripts as the root
user when prompted by Oracle Universal Installer. The root.sh
script adds your environment variable settings to scripts, such as coraenv
, that you can later use to set your environment variables. If you need assistance during installation, click Help. If you encounter problems during installation, then examine the Oracle Universal Installer actions recorded in the installation log file. The log file is located in the cfgtoollogs/oui
directory, in the following location:
$ORACLE_HOME/cfgtoollogs/oui/installActionsdate_time.log
After the installation completes, take note of the Oracle Enterprise Manager Database Control URL and the Oracle Audit Vault Console URL. On the Exit page, click Exit. Then, on the Confirmation message box, click Yes to exit Oracle Universal Installer.
See Section 3.7.7 for information about logging into Oracle Audit Vault Console and Oracle Enterprise Manager Database Control.
After you have completed the installation, proceed to Section 3.7 to perform the postinstallation tasks.
This section assumes you performed phase one of the installation procedures for installing Oracle Audit Vault with Oracle Real Application Clusters (Oracle RAC) as described in Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for AIX Based Systems. These tasks include preinstallation tasks, configuring Oracle Clusterware and Oracle Database storage, and installing Oracle Clusterware. You are now ready to install Oracle Audit Vault in an Oracle RAC environment.
This section describes the remaining installation procedures for installing Oracle Audit Vault with Oracle Real Application Clusters (Oracle RAC).
Verifying System Readiness for Installing Oracle Audit Vault with CVU
To help to verify that your system is prepared to install Oracle Audit Vault with Oracle RAC successfully, use the Cluster Verification Utility (CVU) runcluvfy command.
See the "Verifying System Readiness for Installing Oracle Database with CVU " section in Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for AIX Based Systems.
If the cluster verification check fails, then review and correct the relevant system configuration steps, and run the test again. Use the system configuration checks described in "Troubleshooting Installation Setup" section in Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for AIX Based Systems to assist you.
This section describes the advanced installation for both the single instance installation and the Oracle RAC installation.
See Section 2.12 for important information about setting the correct locale.
Perform the following procedures to install Oracle Audit Vault.
Run Oracle Universal Installer (OUI) to install Oracle Audit Vault.
Log in as the oracle
user. Alternatively, switch user to oracle
using the su -
command. Change your current directory to the directory containing the installation files. Start Oracle Universal Installer from the Oracle Audit Vault package.
cd directory-containing-the-Oracle-Audit-Vault-installation-files
./runInstaller
Note: On AIX 6L version 6.1, use the ignoreSysPrereqs flag:./runinstaller -ignoreSysPrereqs |
Oracle Universal Installer starts up by first checking the following installation requirements and displaying the results. For example, it shows what the value should be or must be greater than or at least equal to, then the actual value for each check and the check result status: Passed or Failed.
Checking operating system version: must be 5200, 5300 or 6100 Passed
Checking temp space: must be greater than 80 MB. Actual 14773 MB Passed
Checking swap space: must be greater than 150 MB. Actual 3970 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 65536 Passed
Then Oracle Universal Installer prepares to launch itself.
On the Select Installation Type screen, select the Advanced Installation option, then click Next.
Enter the following information on the Advanced Installation Details screen. See Section 3.6 for more information about each of these topics.
Audit Vault Name – A unique name for the Audit Vault database. The Oracle Audit Vault name is required. For single instance installation, the name will be used as the database SID, and will be the first portion (db_name
) of the database service name. For an Oracle RAC installation, the name will be used to derive the Oracle RAC database SID of each Oracle RAC node, and will be the first portion (db_name
) of the database service name.
Audit Vault Home – Specify or browse to find the path to the Oracle Audit Vault home where you want to install Oracle Audit Vault.
Audit Vault Administrator and Audit Vault Auditor – the account name of the Oracle Audit Vault administrator and a separate, optional Oracle Audit Vault auditor, respectively. The Oracle Audit Vault administrator and Oracle Audit Vault auditor account names cannot be the same. The Oracle Audit Vault Administrator account name is required. Accept the selected Create a Separate Audit Vault Auditor check box to choose to create the Oracle Audit Vault auditor account name. The check box is selected by default. Deselecting the check box disables the text fields for the Oracle Audit Vault auditor user name and password. The Oracle Audit Vault administrator in this case will also be granted the role of Oracle Audit Vault Auditor.
Administrator Password and Auditor Password – The password for the Oracle Audit Vault administrator account and the Oracle Audit Vault auditor account, respectively.
There cannot be repeating characters in each password. The length of each password must be between 8 and 30 characters. Each password must consist of at least one alphabetic character, one numeric character, and one of the special characters shown in Table 3-2.
Confirm Password – The confirming password for the Oracle Audit Vault Administrator account and the Oracle Audit Vault Auditor account, respectively.
Each password must be identical to its corresponding password confirmation.
After entering the required information, click Next to continue with the installation. The Next button is enabled only when information has been entered for all required fields. Validation of information is done on all user input after you click Next. The installation process will not continue until all required input passes validation.
If this is the first installation of an Oracle product on the system, then the Oracle Universal Installer displays the Specify inventory directory and credentials page, where you must enter the Inventory directory location and the OS group name, then click Next.
Enter the following information on the Database Vault User Credentials screen. See Section 3.6.2 for more information about each of these topics.
Database Vault Owner and Database Vault Account Manager – The account name of the Database Vault Owner and a separate, optional Database Vault Account Manager, respectively. The Database Vault Owner, Database Vault Account Manager, Oracle Audit Vault Administrator, and Oracle Audit Vault Auditor account names must not be the same (applicable when a separate Oracle Audit Vault Auditor or Database Vault Account Manager account is created). The Database Vault Owner name is required. Accept the selected Create a Separate Database Vault Account Manager check box to choose to create the Database Vault Account Manager account name. The check box is selected by default. Deselecting the check box disables the text fields for the Database Vault Account Manager user name and password. The Database Vault Owner in this case will also be granted the role of Database Vault Account Manager.
Database Vault Owner Password and Database Vault Account Manager Password – The password for the Database Vault Owner account and the Database Vault Account Manager account, respectively.
There cannot be repeating characters and space characters in each password. The length of each password must be between 8 and 30 characters. Each password must consist of at least one alphabetic character, one numeric character, and one of the special characters shown in Table 3-2.
Confirm Password – The confirming password for the Database Vault Owner account and the Database Vault Account Manager account, respectively.
Each password must be identical to its corresponding password confirmation.
After entering the required information, click Next to continue with the installation. The Next button is enabled only when information has been entered for all required fields. Validation of information is done on all user input after you click Next. The installation process will not continue until all required input passes validation.
If you are installing on a clustered system (Oracle Clusterware is installed and the system is already part of a cluster), the Node Selection screen appears from which to select the nodes on which Oracle Audit Vault will be installed. Local node will always be selected by default. If you are installing Oracle Audit Vault single instance on this local node only, select the Local Only Installation option, then click Next.
If you are installing on a clustered system (Oracle Clusterware is installed and the system is already part of a cluster), select the nodes on which on which Oracle Audit Vault must be installed, then click Next.
Review the installation prerequisite checks on the Prerequisite Check screen. This is when all installation prerequisite checks are performed and the results are displayed. Verify that all prerequisite checks succeed, then click Next.
Oracle Universal Installer checks the system to verify that it is configured correctly to run Oracle Database software. If you have completed all of the preinstallation steps in this guide, all of the checks should pass.
If a check fails, then review the cause of the failure listed for that check on the screen. If possible, rectify the problem and rerun the check. Alternatively, if you are satisfied that your system meets the requirements, then you can select the check box for the failed check to manually verify the requirement.
On the Specify Database Storage Options screen, you can select one of the following storage options: File system, Automatic Storage Management (ASM), or Raw Devices.
If you select the File System, specify or browse to the database file location for the data files. If you select Raw Devices, specify the path or browse to the Raw Devices mapping file. If you select Automated Storage Management (ASM), you must have already installed ASM. Make a selection and click Next.
On the Specify Backup and Recovery Options screen, you can choose either to not enable automated backups or to enable automated backups.
If you select the Do not enable Automated backups option, click Next.
If you select the Enable Automated backups option, then you must specify a Recovery Area Storage. You can choose either to use the File System option or the Automatic Storage Management option.
If you select the File System option, specify a path or browse to the recovery area location. Next, for Backup Job Credentials, enter the operating system credentials (user name and password) of the user account with administrative privileges to be used for the backup jobs, then click Next.
If you select the Automatic Storage Management option, then for Backup Job Credentials, enter the operating system credentials (user name and password) of the user account with administrative privileges to be used for the backup jobs, then click Next.
Next, select the disk group from the existing disk groups. This screen lets you select the disk groups. If the disk group selected has enough free space, by clicking Next, the Specifying Database Schema Password screen is displayed (see Step 9). If the disk group selected does not have enough free space, the Configure Automatic Storage Management page is displayed.
On the Configure Automatic Storage Management screen, you can select the disks to add from the Add Member Disks table by selecting the check box in the Select column for the corresponding disks.
On AIX systems, the default path for discovering eligible disks is /dev/raw/*
. If your disks are located elsewhere, you must change the disk discovery path for the disks to be discovered by Oracle Universal Installer. To change the path, click Change Disk Discovery Path.
On the Specify Database Schema Passwords screen, you can choose to enter different passwords for each privileged database account or select the Use the same passwords for all accounts option. If you choose to enter a set of valid passwords for each privileged database account, enter these passwords. If you select the Use the same passwords for all accounts option, then enter a single valid password. When you are finished, click Next.
Review the installation summary information on the Advanced Installation Summary screen. After reviewing this installation information, click Install to begin the installation procedure. The installation will copy files, link binaries, apply patches, run configuration assistants, including DBCA to create and start the Audit Vault Server, DVCA to secure the server, and AVCA to configure and start Oracle Audit Vault Console.
At the end of running DBCA to configute the software and create the database, a message displays, click OK to continue.
Run scripts as the root
user when prompted by Oracle Universal Installer. If you need assistance during installation, click Help. If you encounter problems during installation, then examine the Oracle Universal Installer actions recorded in the installation log file. The log file is located in the cfgtoollogs/oui
directory in the following location:
$ORACLE_HOME/cfgtoollogs/oui/installActionsdate_time.log
Note: The Oracle home name and path that you provide during Oracle Audit Vault installation must be different from the home that you used during the Oracle Clusterware installation. You cannot install Oracle Audit Vault with Oracle RAC software into the same home in which you installed the Oracle Clusterware software. |
The following is a list of additional information to note about installation:
If you are not using the ASM library driver (ASMLIB), and you select Automatic Storage Management (ASM) during installation, then ASM default discovery finds all disks that ASMLIB marks as ASM disks.
If you are not using ASMLIB, and you select ASM during installation, then ASM default discovery finds all disks marked /dev/raw/*
for which the Oracle software owner user has read/write permission. You can change the disk discovery string during the installation if the disks that you want to use for ASM are located elsewhere.
On the Select Database Management Option page, if you have already completed the Grid Control Management Agent installation, then you can select either Grid or Local Database control. Otherwise, only Local Database control for database management is supported for Oracle RAC. When you use the local Database Control, you can choose the e-mail option and enter the outgoing SMTP server name and e-mail address.
See Also: Oracle Enterprise Manager Grid Control Installation and Basic Configuration for details about installing Grid Control with Oracle Universal Installer, and Oracle Enterprise Manager Advanced Configuration Guide for details about installing Database Control with the Database Configuration Assistant (DBCA) and Enterprise Manager Configuration Assistant (EMCA) |
After the installation completes, take note of the Oracle Enterprise Manager Database Control URL and the Oracle Audit Vault Console URL. On the Exit page, click Exit. Then, on the Confirmation message box, click Yes to exit Oracle Universal Installer.
See Section 3.7.7 for information about logging into Oracle Audit Vault Console and Oracle Enterprise Manager Database Control.
After you have completed the part of the installation, proceed to Section 3.7 to perform the postinstallation tasks.
Note: The Basic installation is not supported in silent mode. Silent installation is only supported for the Advanced installation. |
Follow these brief steps to perform a silent installation using a response file:
Make sure all prerequisites are met for the installation of Audit Vault Server.
Prepare the Audit Vault Server response file. A template response file can be found at AV_installer_location/response/av.rsp
on the Audit Vault Server installation media.
Prepare the response file by entering values for all parameters that are missing in the first part of the response file, then save the file. Note that for single instance installations, RAW storage is not used. Also note that the CLUSTER_NODES
parameter must be specified for installing Audit Vault Server in an Oracle RAC environment. Do not edit any values in the second part of either response file.
Set the DISPLAY
environment variable to an appropriate value before proceeding with the silent installation. See Section 2.11 for more information.
Invoke Oracle Universal Installer using the following options:
./runInstaller -silent -responseFile path_of_response_file
Note: Before you invoke Oracle Universal Installer, run therootpre.sh script to setup the AIX system the first time. If you have already run this script, then you can bypass the silent installation confirmation prompt by setting the following environment variable before starting the runInstaller utility:
|
For more information about these options, see Section 1.3.2. For general information about how to complete a database installation using response files, see Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for AIX Based Systems.
This section provides an overview of requested information specific to the Audit Vault Server installation.
An Audit Vault Server installation consists of three options:
Upgrade Existing Audit Vault Server Home – Detects the existence of upgradable Oracle Audit Vault Server homes on the system and enables the upgrade option to the current release. Performs an upgrade on the selected upgradable Audit Vault Server home when this option is selected. See Chapter 4 for more information on performing an upgrade.
Basic Installation – Simplifies the installation process and prompts for a minimal set of inputs, including the name of the Oracle Audit Vault database, the Oracle Audit Vault administrator and optionally the auditor user names and passwords. An Oracle RAC installation is not supported through the Basic Installation option.
Advanced Installation – Offers the user more control and options for the installation process, including storage options and backup options. The Advanced Installation option supports the installation of Audit Vault Server on a cluster.
Note: If you perform an Audit Vault Server installation using Simplified Chinese (zh_CN ) or Japanese (ja_JP ) languages, then accessing help on the installer screen will display a blank help window. For more information on this refer to the Oracle Audit Vault Release Notes. |
This section includes the following topics:
Advanced Server Installation: Database Vault User Credentials Screen
Advanced Server Installation: Specify Database Storage Options Screen
Advanced Server Installation: Specify Backup and Recovery Option Screen
Advanced Server Installation: Specify Database Schema Passwords Screen
This section describes the required fields in the Basic Installation Details screen and the Advanced Installation Details screen.
The Oracle Audit Vault Name must be a unique name for the Oracle Audit Vault database. The name will be used for the database SID, and will be the first portion (db_name
) of the database service name.
The name cannot exceed 8 characters and must begin with an alphabetic character.
The Oracle Audit Vault name cannot contain any of the characters shown in Table 3-1.
Table 3-1 Invalid Oracle Audit Vault Name and Oracle Audit Vault Account Characters
Symbol | Character Name |
---|---|
! |
Exclamation point |
@ |
At sign |
% |
Percent sign |
^ |
Circumflex |
& |
Ampersand |
* |
Asterisk |
( |
Left parenthesis |
) |
Right parenthesis |
- |
Minus sign |
+ |
Plus sign |
= |
Equal sign |
" |
Double quotation mark |
| |
Vertical bar |
` |
grave |
~ |
tilde |
[ |
Left bracket |
{ |
Left brace |
] |
Right bracket |
} |
Right brace |
; |
Semicolon |
: |
Colon |
' |
Single quotation mark |
< |
Less than sign |
> |
Greater than sign |
/ |
Slash |
\ |
Backslash |
? |
Question mark |
, |
Comma |
. |
Period |
# |
Number sign |
_ |
Underscore |
$ |
Dollar sign |
Space character |
The Oracle Audit Vault Home is the path that you must specify or browse to find the Oracle Audit Vault home where you want to install Oracle Audit Vault. The path can contain only alphanumeric characters (letters and numbers).
In addition, the special characters shown in Table 3-2 are allowed.
The Oracle Audit Vault Server installation software prompts you for user names and passwords for the Oracle Audit Vault Administrator user and the separate, optional Oracle Audit Vault Auditor user. In addition, the installation creates an Oracle Database Vault Owner user and a separate, Oracle Database Vault Account Manager for you (basic installation) or the installation prompts you for these user names and passwords (advanced installation). Finally, the installation creates sys
, system
, sysman
, and dbsnmp
standard database users for you (basic installation) or the installation prompts for passwords for these users (advanced installation).
You must supply a user name and password for the Oracle Audit Vault administrator user and optionally for the Oracle Audit Vault auditor user during installation. The Create a Separate Audit Vault Auditor check box is selected by default, which means that a separate Oracle Audit Vault Auditor account will be created (and the corresponding user name and password are required). The Oracle Audit Vault Administrator user will be granted the AV_ADMIN
role and the Oracle Audit Vault Auditor user will be granted the AV_AUDITOR
role. Deselecting this check box means that the Oracle Audit Vault Administrator user will be granted both roles, because the separate Oracle Audit Vault Auditor user will not be created.
Oracle Audit Vault Administrator and Oracle Audit Vault Auditor Accounts
The Oracle Audit Vault Administrator account is granted the AV_ADMIN
role. The user granted the AV_ADMIN
role can manage the postinstallation configuration. This role accesses Oracle Audit Vault services to administer, configure, and manage a running Oracle Audit Vault system. This role registers audit sources. This role has the ability to configure parameters that assist in populating the Oracle Audit Vault data warehouse. For the basic installation, the Oracle Audit Vault Administrator user name is used to generate the following Oracle Database Vault users to facilitate the separation of duties:
AV_ADMIN
dvo
– The Database Vault Owner (granted DV_OWNER
role) to manage Database Vault roles and configuration
AV_ADMIN
dva
– The Database Vault Account Manager (granted DV_ACCTMGR
role) to manage database user accounts
For the advanced installation, a Database Vault User Credentials page prompts for the Database Vault Owner account name and password and a separate, optional Database Vault Account Manager account name and password.
The Oracle Audit Vault Auditor account is granted the AV_AUDITOR
role. The user granted the AV_AUDITOR
role accesses Oracle Audit Vault Reporting and Analysis services to monitor components, detect security risks, create and evaluate alert scenarios, create detail and summary reports of events across systems, and manage the reports. This role manages central audit settings. This role can use the data warehouse services to further analyze the audit data to assist in looking for trends, intrusions, anomalies, and other areas of interest.
The Oracle Audit Vault Administrator, Oracle Audit Vault Auditor, Database Vault Owner, and Database Vault Account Manager user names must not be the same. For the basic installation, the Oracle Audit Vault Administrator user name must be between 2 and 27 characters because the characters "dvo" and "dva" are appended to the Administrator name making the normal upper limit of 30 characters for the user names that are allowed to be 27 characters. For the advanced installation, the Oracle Audit Vault Administrator user name must be between 2 and 30 characters.
The length of the Oracle Audit Vault Auditor user name must be between 2 and 30 characters. Each user name must not be one of the following reserved names.
Names | Names | Names | Names | Names |
---|---|---|---|---|
ACCESS | ADD | ALL | ALTER | AND |
ANONYMOUS | ANY | AQ_ADMINISTRATOR_ROLE | AQ_USER_ROLE | ARRAYLEN |
AS | ASC | AUDIT | AUTHENTICATEDUSER | AV_ADMIN |
AV_AGENT | AV_ARCHIVER | AV_AUDITOR | AV_SOURCE | AVSYS |
BETWEEN | BY | CHAR | CHECK | CLUSTER |
COLUMN | COMMENT | COMPRESS | CONNECT | CREATE |
CTXAPP | CTXSYS | CURRENT | DATE | DBA |
DBSNMP | DECIMAL | DEFAULT | DELETE | DELETE_CATALOG_ROLE |
DESC | DIP | DISTINCT | DM_CATALOG_ROLE | DMSYS |
DMUSER_ROLE | DROP | DV_ACCTMGR | DV_ADMIN | DVF |
DV_OWNER | DV_PUBLIC | DV_REALM_OWNER | DV_REALM_RESOURCE | DV_SECANALYST |
DVSYS | EJBCLIENT | ELSE | EXCLUSIVE | EXECUTE_CATALOG_ROLE |
EXFSYS | EXISTS | EXP_FULL_DATABASE | FILE | FLOAT |
FOR | FROM | GATHER_SYSTEM_STATISTICS | GLOBAL_AQ_USER_ROLE | GRANT |
GROUP | HAVING | HS_ADMIN_ROLE | IDENTIFIED | IMMEDIATE |
IMP_FULL_DATABASE | IN | INCREMENT | INDEX | INITIAL |
INSERT | INTEGER | INTERSECT | INTO | IS |
JAVA_ADMIN | JAVADEBUGPRIV | JAVA_DEPLOY | JAVAIDPRIV |