13 Configuring a SAN Repository (AVDF 12.1.2)

Topics

About Configuring a SAN Repository

Starting in Oracle AVDF 12.1.2 you can optionally configure a SAN storage repository for these data types:

  • Event Data - Data that is kept online in the Audit Vault Server for a specified duration according to archiving policies. After the online duration expires, this data is then archived.

  • System Data - Data specific to the Oracle AVDF system

  • Recovery - Recovery data for the Audit Vault Server repository

During the Audit Vault Server installation process, your server will be partitioned to store Event, System, and Recovery data in a way that works with the number of disk partitions you have set up on the server. Optionally, you can register SAN servers and configure your storage repository to use additional disks to store this data. See Oracle Audit Vault and Database Firewall Installation Guide for installation information.

About Configuring a SAN Repository in High Availability Environments

In a high availability environment, you can configure the storage repository on the secondary Audit Vault Server from the primary Audit Vault Server, using either the console UI or AVCLI commands. The primary and secondary Audit Vault Servers must not share (read or write to) the same SAN disks, and you must ensure that the secondary server has at least the same amount of space in each disk group as the primary server.

Configuring a SAN Server to Communicate with Oracle AVDF

Oracle AVDF uses Linux Open-iSCSI to communicate with SAN servers. You must ensure that the iSCSI service is enabled on the SAN server you want to use for storing AVDF data, and provide the Audit Vault Server's iSCSI initiator name to your storage administrator to use in configuring the SAN server. The SAN server must allow iSCSI targets and LUNs (logical unit numbers) to communicate with this iSCSI initiator name. We recommend that the LUN numbers assigned to a disk should be fixed.

Important:

Ensure that you do not have more than one target mapped to the same disk on the SAN storage server.

Some SAN servers may also require the Audit Vault Server's IP address.

To find the Audit Vault Server's iSCSI initiator name and IP address:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click SAN.

    The SAN Servers page is displayed with the ISCSI initiator name at the bottom.

    Description of san_iscsi_name.png follows
    Description of the illustration ''san_iscsi_name.png''

    In a high availability environment, you will see two ISCSI initiator names, one for the primary Audit Vault Server and one for the secondary.

  3. To find the Audit Vault Server's IP address, click the Settings tab, then click Network. The IP address is at the top of this page.

Important:

Do not restart the iSCSI service on either the Audit Vault Server or the SAN server that is servicing the Audit Vault Server. If there is a need to restart either of these services, contact Oracle support.

Registering or Dropping SAN Servers in the Audit Vault Server

Topics

Registering a SAN Server

This procedure registers a SAN server in the Audit Vault Server. In a high availability environment, you can use this procedure to register a SAN server to the primary or the secondary Audit Vault Server. Note that while you can register the same SAN server to both the primary and secondary Audit Vault Servers, they must not share (read or write to) the same SAN disks.

To register a SAN server in the Audit Vault Server:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click SAN.

  3. Click Register, and provide the following information:

    • Register to - (High Availability Only) Select the Primary or Secondary Audit Vault Server.

    • Storage Name - Name for this SAN server

    • IP Address - SAN Server IP address

    • Port - SAN Server port

    • Method - The data transfer method

    • Authentication - If sendTargets is the transfer method, this specifies no authentication, or CHAP (one way). Using CHAP (one way), the Audit Vault Server is authenticated by the SAN server.

  4. Click Submit.

Dropping a SAN Server

You can drop a SAN server if none of its disks are in use for storage in the Audit Vault Server repository. Otherwise, you must first drop the disks from any disk groups that use this SAN server. See "Dropping SAN Disks from the Audit Vault Server Repository."

To drop a SAN server from the Audit Vault Server:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click SAN.

  3. Select the SAN server(s) you want to drop, and then click Drop.

Discovering Targets on a SAN Server

Topics

About SAN Targets and Disks

Once you have registered SAN servers in the Audit Vault Server, in order to make SAN disks available for storing Audit Vault Server data, you must discover and log in to the available target(s) on the SAN server.

When you log in to a target on the SAN server, a number of storage disks are made available to the Audit Vault Server, corresponding to the number of LUNs available on the SAN server for that target.

Discovering Targets on a SAN Server and Making Disks Available

You can discover targets on a SAN server that is registered with the Audit Vault Server. See "Registering a SAN Server".

To make SAN server disks available for storing Audit Vault Server data, you must log in to a target on the SAN server, and provide login credentials if required.

To discover targets on a SAN server:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click SAN.

  3. Find the SAN server you want, and then click the corresponding Discover link.

    A list of targets appears, showing the status of each target.

    Description of san_target_list.png follows
    Description of the illustration ''san_target_list.png''

  4. Click Log In to log in to a target on this SAN server and make its disks available for storage.

    If the SAN server is configured so that the target does not require credentials, you can leave those fields empty and click Log in.

Logging out of Targets on a SAN Server

You can log out of a target if none of its disk are in use for storing Audit Vault Server data. If a disk from a target is in use, you must first drop the disk(s), then log out of the target. See "Dropping SAN Disks from the Audit Vault Server Repository" for instructions.

To log out of a target on a SAN server:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click SAN.

  3. Find the SAN server you want, and then click the corresponding Discover link.

    A list of targets appears, showing the status of each target.

  4. Find the target you want, and then click the corresponding Log Out link in the Action column.

    If there is a dash character in the Action column for the target, then disks from this target are in use.

Adding or Dropping SAN Disks in the Audit Vault Server Repository

Topics

About Disk Groups in the Audit Vault Server Repository

There are three disk groups used for storing Audit Vault Server data, corresponding to three data types:

  • EVENTDATA

  • SYSTEMDATA

  • RECOVERY

If desired, you can add disks from a registered SAN server to the EVENTDATA, SYSTEMDATA, and RECOVERY disk groups to increase the storage capacity for those types of data. Otherwise, these data types are stored in disk partitions on the Audit Vault Server.

Adding SAN disks to these disk groups is optional. See "About Configuring a SAN Repository" for more information.

In a high availability environment: You must ensure that the secondary server has at least the same amount of space in each disk group as the primary server.

Figure 13-1 shows the Settings > Repository page. In the repository shown here:

  • The EVENTDATA disk group uses a SAN disk for extra storage.

  • The SYSTEM DATA and RECOVERY disk groups use only the Audit Vault Server disk partitions for storage.

  • For the EVENTDATA, SYSTEMDATA, and RECOVERY disk groups, the amount of free space available on the local Audit Vault Server partitions is also shown.

Figure 13-1 The Repository Page

Description of Figure 13-1 follows
Description of ''Figure 13-1 The Repository Page''

The Repository Page in a High Availability Environment

In a high availability environment, you would see the above disk groups for the Primary Audit Vault Server, followed by the same disk groups for the Secondary Audit Vault Server. You must ensure that the secondary server has at least the same amount of space in each disk group as the primary server.

Adding SAN Disks to the Audit Vault Server Repository

You can add SAN disks that are not already in use to any of the disk groups in the repository.

To add disks to a disk group in the repository:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click Repository.

  3. Click the Add Disk button corresponding the disk group you want.

    Details for available disks are displayed, including disk capacity and free space.

  4. Select the disk(s) you want to add to this disk group, and then click Use Disk(s).

  5. Click OK to confirm.

    The selected disk(s) are displayed under the specified disk group.

Dropping SAN Disks from the Audit Vault Server Repository

Before dropping a SAN disk, be sure that there is enough space on the remaining disks in the disk group to relocate the data from the disk you want to drop.

To drop a SAN disk from a disk group in the repository:

  1. Log in to the Audit Vault Server as a super administrator.

  2. Click the Settings tab, and then click Repository.

  3. Find the disk you want to drop under one of the disk groups, select the disk, and then click Drop Disk.

  4. Click OK to confirm.