This metric is used to enable Database Vault Security Analyst to keep a watch on the violation attempts against the Database Vault database. Database Vault Security Analyst can pick the command rules he would like to get alerted on and even further filter them based on the different types of attempts by using error codes. This metric is not enabled out of the box; the user needs to enable it from Metrics and Policy Settings page. By default, this metric is collected every 1 hour, but the user can set his own collection frequency.
The rest of the information in this section is only valid for this metric when it appears in either the Enterprise Manager Grid Control or the Enterprise Manager Database Control (if applicable).
The following table shows how often the metric's value is collected and compared against the default thresholds. The 'Consecutive Number of Occurrences Preceding Notification' column indicates the consecutive number of times the comparison against thresholds should hold TRUE before an alert is generated.
Target Version |
Evaluation and Collection Frequency |
Upload Frequency |
Operator |
Default Warning Threshold |
Default Critical Threshold |
Consecutive Number of Occurrences Preceding Notification |
Alert Text |
All Versions |
Every Hour |
Not Uploaded |
MATCH |
Not Defined |
Not Defined |
1* |
%ACTION_OBJECT_NAME% got violated at %VIOLATIONTIMESTAMP% |
* Once an alert is triggered for this metric, it must be manually cleared.
For this metric you can set different warning and critical threshold values for each unique combination of "Database Vault Command Rule " and "Violation Time" objects.
If warning or critical threshold values are currently set for any unique combination of "Database Vault Command Rule " and "Violation Time" objects, those thresholds can be viewed on the Metric Detail page for this metric.
To specify or change warning or critical threshold values for each unique combination of "Database Vault Command Rule " and "Violation Time" objects, use the Edit Thresholds page. See Editing Thresholds for information on accessing the Edit Thresholds page.
The attempted violations are picked up from the target's database vault audit trail. Only audit entries related to command rule, which represent failed attempts to execute a SQL, are selected.
To know more about the violations, for example, the command that was violated, which database user triggered the violation, what action trigged this violation, and at what time this violation happened, login to the target's Database Vault Home Page and use the Attempted Violations charts.
Related Topics
About Alerts
About the Metric Detail Page
Editing Thresholds
Copyright © 1996, 2009, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates.
Other names may be trademarks of their respective owners.