| Oracle® Audit Vault Collection Agent Installation Guide Release 10.2.3 Part Number E11057-02 |
|
|
View PDF |
| Oracle® Audit Vault Collection Agent Installation Guide Release 10.2.3 Part Number E11057-02 |
|
|
View PDF |
This chapter includes the major steps required to install Oracle Audit Vault Agent.
This chapter includes the following sections:
You must add or register the Oracle Audit Vault Agent at Oracle Audit Vault Server. Perform the following steps to complete this task.
On the Audit Vault Server system, set the Audit Vault environment variables (ORACLE_HOME, ORACLE_SID, PATH, LD_LIBRARY_PATH (for Linux x86, Linux x86-64, and Solaris SPARC_64), SHLIB_PATH (for HP Itanium), or LIBPATH (for AIX), as applicable, or use the coraenv or oraenv scripts located in the server home bin directory ($ORACLE_HOME/bin) to perform this operation. Set ORACLE_HOME to point to the Audit Vault Server home. Set ORACLE_SID to the database name for a single instance installation (av is the default database name) or for an Oracle Real Application Clusters (Oracle RAC) installation, set it to the instance name. Set PATH to include $ORACLE_HOME/bin.
Add or register the Oracle Audit Vault Agent at Oracle Audit Vault Server and create the Agent user if one has not been previously created, or if you have already created an Agent user, enter that agent user name when prompted.
Run the following AVCA add_agent command.
Example 3-1 shows adding an agent and creating an Agent user. You will be prompted for the Agent user name and password, then you must verify the password.
Example 3-2 shows adding an agent and using a previously created Agent user. You will be prompted for just the Agent user name.
Example 3-1 Running the AVCA add_agent Command to Create the Agent User and Register the Agent with Audit Vault
avca add_agent –agentname <avagent name> [-agentdesc <agent description>] -agenthost <name of host where agent will be installed>
For example, if you have not previously created an agent user:
avca add_agent -agentname agent1 -agenthost machine2.us.oracle.com AVCA started Adding agent... Enter agent user name: <agentusername> Enter agent user password: <agent user pwd> Re-enter agent user password: <agent user pwd> Agent added successfully.
Example 3-2 Running the AVCA add_agent Command and Using a Previously Created Agent User and Register the Agent with Audit Vault
For example, if you have previously created an agent user named agentuser1 as this example shows:
avca add_agent -agentname agent1 -agenthost machine2.us.oracle.com AVCA started Adding agent... Enter agent user name: agentuser1 Agent added successfully.
The command arguments are as follows:
-agentname: The name of the agent, with no spaces. The agent name is case sensitive. The agent name must be unique to the Oracle Audit Vault Server. You cannot reuse an agent name for another agent name on the same server, even after the deinstallation of a previously installed agent. Oracle Audit Vault does not delete agent names that are dropped; it disables the agent name and retains the agent name in its metadata.
You should write this name down. You will enter it as part of the agent installation on the Agent Details page.
[-agentdesc <desc>]: Optional parameter. A description of the agent.
This is optional.
-agenthost: The host name where the agent is installed, for example, machine2.us.mycompany.com.
The Agent user name is the Agent user to whom the AV_AGENT role will be granted. Later, you will enter this same agent user name and then enter a password as part of the agent installation on the Agent Details page.
Provide this Agent user name and Agent name to the Audit Vault administrator who plans to install the Oracle Audit Vault Agent software described in Section 3.2.1.
This section describes the following topics:
For an overview of requested information specific to the Audit Vault Agent installation, see Section 3.2.2 and Section 3.2.3.
The steps to perform a new Audit Vault Agent Installation are as follows:
Run Oracle Universal Installer (OUI) to install Oracle Audit Vault Agent. You should run the installer as the software owner account that owns the current ORACLE_HOME environment. This is normally the oracle account.
For Linux and UNIX-based systems, log in as the oracle user. Alternatively, switch user to oracle using the su - command. Change your current directory to the directory that contains the installation files. Start Oracle Universal Installer from the Oracle Audit Vault Agent package.
For Linux and UNIX-based systems:
cd <directory containing the Oracle Audit Vault Agent installation files> ./runInstaller
For Windows systems, locate the directory containing the Oracle Audit Vault Agent installation files for Windows, then double-click setup.exe to start Oracle Universal Installer.
Specify the following information on the Agent Details page, then click Next:
Audit Vault Agent Name – The name of the agent (created in Step 2 of Section 3.1)
Audit Vault Agent Home – Specify or browse to find the path to the Audit Vault Agent home where you want to install Oracle Audit Vault Agent
Agent User Name – The account name of the Audit Vault Agent User (provided in Step 2 of Section 3.1).
Agent User Password – The password for the Audit Vault Agent user account (provided in Step 2 of Section 3.1).
Specify the Audit Vault Server Connect String that takes the form hostname:port:service name in that order using a (:) colon delimiter between each item, for example: machine2.us.company.com:1521:av.example.com.
See Section 3.2.3.4 for more information about the Audit Vault Server connect string.
See Section 3.2.3 for more information about specifying the Audit Vault information.
Review the installation prerequisite checks on the Prerequisite Check page. This is when all installation prerequisite checks are performed and the results are displayed. Verify that all prerequisite checks succeed, then click Next.
Oracle Universal Installer checks the system to verify that it is configured correctly to run Oracle software. If you have completed all of the preinstallation steps in this guide, all of the checks should pass.
If a check fails, then review the cause of the failure listed for that check on the screen. If possible, rectify the problem and rerun the check. Alternatively, if you are satisfied that your system meets the requirements, then you can select the check box for the failed check to manually verify the requirement.
On the installation Summary page, review the installation summary information. After reviewing this installation information, click Install to begin the installation procedure.
Provide information or run scripts as the root user when prompted by Oracle Universal Installer. If you need assistance during installation, click Help. If you encounter problems during installation, then examine the Oracle Universal Installer actions recorded in the installation log file. The log file is located in the cfgtoollogs/oui directory, in the following location:
For Linux and UNIX-based systems:
$ORACLE_HOME/cfgtoollogs/oui/installActionsdate_time.log
For Windows systems:
ORACLE_HOME\cfgtoollogs\oui\installActionsdate_time.log
After the installation completes, on the Exit page, click Exit. Then, on the Confirmation message box, click Yes to exit Oracle Universal Installer.
For Linux and UNIX-based platforms, the system should show that the oc4j process for the agent is running. This process can be checked using the ps command on the command line. For example, from the Audit Vault Agent home, run the following command:
ps -ef|grep oc4j
For Windows, a Windows service named Oracle Audit Vault Agent - <agent name> is created, where <agent name> is the name of the agent installed. This service is in a Stopped state. This is just a "bootstrap service"; it is not the agent itself, but rather a service used to start the agent. This bootstrap service completes its task of starting the agent and then shuts itself down, so it will never be seen in a running state. The agent process is a Java program running out of the Agent ORACLE_HOME directory.
See Oracle Audit Vault Administrator's Guide for more information about adding a source, adding a collector, and managing and monitoring the Audit Vault system.
This screen lets you select the type of Oracle Audit Vault Agent installation you wish to follow by selecting the respective installation type.
The Select Installation Type screen only appears if Oracle Universal Installer detects upgradable Audit Vault Agent homes on the system. If there are no upgradable Audit Vault Agent homes detected, the Audit Vault Agent Installation Details screen displays instead.
The installation types are:
Upgrade Existing Audit Vault Agent Home – If one or more existing upgradable Audit Vault Agent homes are detected on the system, the installation enables the upgrade option to the current release for the Audit Vault Agent home you select from the drop down list. If there are multiple Audit Vault Agent homes to be upgraded, you must perform the upgrade for each Audit Vault Agent home. You can only select one Oracle Agent Home at a time to perform the upgrade.
This installation type is only enabled if the installer detects existing upgradable Audit Vault Agent homes on the system.
See Chapter 4 for more information on performing an upgrade.
New Audit Vault Agent Installation – If this is a new Audit Vault Agent installation, select this option.
Note:
On AIX systems, if you perform an Audit Vault Agent installation using Simplified Chinese (zh_CN) or Japanese (ja_JP) languages, then accessing help on the installer screen will display a blank help window. For more information on this refer to the Oracle Audit Vault Release Notes.This section provides an overview of information specific to the Agent Details screen for the Audit Vault Agent installation.
This Agent Details screen does not appear when the Upgrade Existing Audit Vault Agent Home installation type option is selected. It only appears for when the New Audit Vault Agent Installation installation type option is selected.
Audit Vault Agent Name – The name of the agent can be a maximum of 255 characters. The agent name is required. This is the agent name you created in Section 3.1.
Audit Vault Agent Home – Specify or browse to find the path to the Audit Vault Agent home where you want to install Oracle Audit Vault Agent. The path must contain only alphanumeric characters (letters and numbers). The path is required.
Only the special characters shown in Table 3-1 are allowed.
Audit Vault Agent installation prompts for the account name and password of the Audit Vault Agent provided in Step 2 in Section 3.1.
Agent User Name – This user account is granted the AV_AGENT role. This user manages agents and collectors by starting, stopping, and resetting them. The agent user name is required.
Agent User Password – The password for the Audit Vault Agent user account. The password is required.
The Audit Vault Server connect string takes the form hostname:port:service name, where these three items are delimited by the colon (:) character. This connect string will be used to configure the connectivity of the agent to the Audit Vault Server database. The host name represents the system where the Audit Vault Server resides. The listener port number and service name information are needed to access the Audit Vault Server database.
These three components must be in the following order, and information for each component must be provided: host name, listener port, and service name.
The host name cannot contain any space characters. The host name is required.
The listener port number must have a value between 0 and 65535. The listener port number is required. The Audit Vault Server listener port number can be determined by issuing the following command in the Audit Vault Server home:
lsnrctl status
The structure of the service name is db_name.db_domain. The db_name portion is the Audit Vault name specified during the Audit Vault Server installation. The db_domain is the domain name portion of the full host name for the system where the Audit Vault Server is installed.
For Audit Vault Agent to be able to connect across the Oracle RAC Audit Vault Server nodes, you must establish the proper configuration. This configuration allows all the Audit Vault Agents to be able to connect when Audit Vault Server is configured in an Oracle RAC environment should the Audit Vault Server failover to another node.
Update the contents of each tnsnames.ora file in the Audit Vault Agent Oracle home located at <Agent_home>/network/admin/tnsnames.ora as follows:
<AV SID> = (DESCRIPTION = (ENABLE = BROKEN) (ADDRESS = (PROTOCOL = TCP)(HOST = <VIP address of node1>)(PORT = <listener port>)) (ADDRESS = (PROTOCOL = TCP)(HOST = <VIP address of node2>)(PORT = <listener port>)) (LOAD_BALANCE = yes) (CONNECT_DATA = (SERVICE_NAME = <AV GDN>) (FAILOVER_MODE=(TYPE=select) (METHOD=basic)(RETRIES=20) (DELAY=15))))
Follow these brief steps to perform a silent installation using a response file:
Make sure all prerequisites are met for the installation of Audit Vault Agent.
Prepare the Audit Vault Agent response file. A template response file can be found at <AV agent installer location>/response/avagent.rsp on Linux and UNIX-based systems at the Audit Vault Agent installation media and at <AV agent installer location>\response\avagent.rsp on Windows systems at the Audit Vault Agent installation media.
Prepare the response file by entering values in the first part of the response file for all parameters, then save the file. Do not edit any values in the second part of the response file.
Invoke Oracle Universal Installer using the following options:
For Linux and UNIX-based systems:
./runInstaller -silent -responseFile <Path of response file>
For Windows systems:
setup.exe -silent -responseFile <Path of response file>
In this example:
Path of response file identifies the full path of the response file.
-silent runs Oracle Universal Installer in silent mode and suppresses the Welcome window.
For more information about these options, see Section 1.1.2. For general information about these options and about how to complete an installation using these response files, see the platform specific Oracle Database installation guides and Oracle Database Oracle Clusterware and Oracle Real Application Clusters Installation Guide for Linux and "Installing Oracle Products" in Oracle Universal Installer and OPatch User's Guide for more information about installing and using response files.
This section describes the following topic:
You can find mandatory Oracle Audit Vault patchsets on the OracleMetaLink Web site.
To find and download patchsets for Oracle Audit Vault:
In Quick Find:
Select Knowledge Base from the menu.
Enter Audit Vault in the search box.
In the list of articles that appears, search for the phrase Mandatory Patches, and then look for any patches that apply to the current release of Oracle Audit Vault.
Select the article and then read the associated summary text that describes the patch contents.
Under In this Document, click Patches.
The Patches section lists the patches that you must apply.
Click the link for the first patch.
The Download page for the first page appears.
Click View Readme to read about the patch details, and then click Download to download the patch to your computer.
Repeat Step 7 through Step 8 for each patch listed in the Patches section.
Note:
No Oracle Database one-off patches should be applied to the Audit Vault database unless directed to do so by Oracle Support Services.A critical patch update (CPU) is a collection of patches for security vulnerabilities. It includes non-security fixes required (because of interdependencies) by those security patches. Critical patch updates are cumulative, and they are provided quarterly on the Oracle Technology Network. You should periodically check OracleMetaLink for critical patch updates.
To find and download critical patch updates for Oracle Audit Vault:
Follow Step 1 through Step 3 in 3 0to find the critical patch updates for Oracle Audit Vault.
In the list of articles that appears, search for the phrase Oracle Critical Patch Update.
Select the most recent critical patch update article, and then read its instructions.
Download the most recent critical patch update for Oracle Audit Vault. In most critical patch update articles, there is section entitled "Patch Download Procedure," which explains how to download the critical patch update.
For more information about critical patch updates, see:
http://www.oracle.com/security/critical-patch-update.html
For the latest information on whether a specific critical patch update is certified with Oracle Audit Vault, review the certification matrix on the OracleMetaLink Web site, at:
If you do not have a current Oracle Support Services contract, then you can access the same information at:
http://www.oracle.com/technology/support/metalink/content.html
To allow connectivity between Audit Vault Server and Microsoft SQL Server source databases, you must download and copy the JDBC Driver jar file to the designated location.
Section 3.4.3.1 describes this download and copy process for the JDBC Driver.
Section 3.4.3.2 describes how to ensure that the JDBC Driver jar file used by the MSSQLDB collector is present in the Agent OC4J.
Because the SQL Server 2005 Driver for JDBC works with both SQL Server 2000 and SQL Server 2005, use the SQL Server 2005 Driver for JDBC.
Download the Microsoft SQL Server 2005 Driver for JDBC from the following links.
http://msdn2.microsoft.com/en-us/data/aa937724.aspx
This Type 4 JDBC driver (sqljdbc.jar) provides highly scalable and reliable connectivity for the enterprise Java environment and provides JDBC access to SQL Server 2000 or SQL Server 2005 through any Java-enabled applet, application, or application server.
Copy the sqljdbc.jar file to the Audit Vault Agent home location:
ORACLE_HOME/jlib
After copying these JDBC Driver jar files to the designated location, you must ensure that they are present in Audit Vault Agent OC4J, before starting the Agent OC4J. If the Agent OC4J was already running during the download and copy process, you must stop it and start it up again. The sequence of steps to do this are as follows:
Stop each running collector in the Collection Agent.
On the Audit Vault Server, use the AVCTL stop_collector command.
Stop the running Collection Agent.
On the Audit Vault Server, use the AVCTL stop_agent command.
Stop the Agent OC4J.
On the Audit Vault Agent, use the AVCTL stop_oc4j command.
Start the Agent OC4J.
On the Audit Vault Agent, use the AVCTL start_oc4j command.
Start the Collection Agent.
On the Audit Vault Server, use the AVCTL start_agent command.
Start each collector in the Collection Agent.
On the Audit Vault Server, for each collector use the AVCTL start_collector command.
See the Audit Vault Control (AVCTL) Reference appendix in Oracle Audit Vault Administrator's Guide for more information about each of these commands.
After Audit Vault Server and Audit Vault Agent installation are complete, see Getting Started in Oracle Audit Vault Administrator's Guide for some Audit Vault Administration tasks to perform. These tasks include:
For Linux and UNIX platforms only: Check and set environment variables in the shells in which you will be interacting with the Audit Vault Server and the Audit Vault Collection Agent (see Checking and Setting Environment Variables (Linux and UNIX Platforms)).
For collecting audit records from Oracle Database audit sources, see Adding a Source and Collectors for an Oracle Database Source.
For collecting audit records from SQL Server Database audit sources, see Adding a Source and Collector for a SQL Server Database Source.
To start collecting audit records from a database audit source, see Starting Up Collection Agents and Collectors.
To perform other Audit Vault configuration tasks, see Performing Additional Audit Vault Configuration Tasks.
To manage and monitor an Audit Vault system, see Managing Audit Vault.
Before going into production be sure to secure management communications, see Oracle Advanced Security – Secure Management Communication.
|
 Copyright © 2007, 2008, Oracle. All rights reserved. Legal Notices |
|