Skip Headers
Oracle® Audit Vault Administrator's Guide
Release 10.2.3.1
Part Number E13841-02
Home
Book List
Index
Contact Us
Next
View PDF
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introducing Oracle Audit Vault for Administrators
1.1
How Do Administrators Use Oracle Audit Vault?
1.2
General Steps for Administering Oracle Audit Vault
1.2.1
Step 1: Understand the Oracle Audit Vault Architecture
1.2.2
Step 2: Plan the Oracle Audit Vault Source Database and Collector Configuration
1.2.3
Step 3: Configure Collectors to Collect Audit Data
1.2.4
Step 4: Monitor and Maintain the Audit Record Collection Process
1.3
Components of Oracle Audit Vault
1.3.1
Source Databases
1.3.2
Oracle Audit Vault Server
1.3.3
Audit Vault Collection Agent and Collectors
1.3.4
How the Oracle Audit Vault Components Work Together
1.4
Administrative Tools for Managing Oracle Audit Vault
1.5
Administrative Roles and Their Assigned Tasks
1.6
Planning the Source Database and Collector Configuration
1.6.1
About Planning the Source Database and Collector Configuration
1.6.2
Planning the Oracle Source Database and Collector Configuration
1.6.3
Planning the Microsoft SQL Server Source Database and Collector Configuration
1.6.4
Planning the Sybase ASE Source Database and Collector Configuration
1.6.5
Planning the IBM DB2 Source Database and Collector Configuration
2
Registering Source Databases and Collectors
2.1
General Steps for Adding Sources and Deploying Collectors
2.2
Checking and Setting Environment Variables
2.2.1
About Checking and Setting Linux and UNIX Environment Variables
2.2.2
Setting the Audit Vault Server Linux and UNIX Environment Variables
2.2.3
Setting the Collection Agent Linux and UNIX Environment Variables
2.2.4
Using the Collection Agent in a Microsoft Windows Environment
2.2.5
Setting the Oracle Source Database Linux and UNIX Environment Variables
2.3
Registering Oracle Database Sources and Collectors
2.3.1
Step 1: If Necessary, Create a Password File
2.3.2
Step 2: Create a User Account on the Oracle Source Database
2.3.3
Step 3: Verify That the Source Database Is Compatible with the Collectors
2.3.4
Step 4: Register the Oracle Source Database with Oracle Audit Vault
2.3.5
Step 5: Add the Oracle Collectors to Oracle Audit Vault
2.3.6
Step 6: Enable the Audit Vault Agent to Run the Oracle Database Collectors
2.4
Registering Microsoft SQL Server Database Sources and Collector
2.4.1
Step 1: Download the SQL Server 2005 Driver for JDBC
2.4.2
Step 2: Create a User Account on the Microsoft SQL Server Source Database
2.4.3
Step 3: Verify That the Source Database Is Compatible with the Collector
2.4.4
Step 4: Register the SQL Server Source Database with Oracle Audit Vault
2.4.5
Step 5: Add the MSSQLDB Collector to Oracle Audit Vault
2.4.6
Step 6: Enable the Audit Vault Agent to Run the MSSQLDB Collector
2.5
Registering Sybase ASE Database Sources and Collector
2.5.1
Step 1: Download the jConnect for JDBC Driver
2.5.2
Step 2: Create a User Account on the Sybase ASE Source Database
2.5.3
Step 3: Verify That the Source Database Is Compatible with the Collector
2.5.4
Step 4: Register the Sybase ASE Source Database with Oracle Audit Vault
2.5.5
Step 5: Add the SYBDB Collector to Oracle Audit Vault
2.5.6
Step 6: Enable the Audit Vault Agent to Run the SYBDB Collector
2.6
Registering IBM DB2 Database Sources and Collector
2.6.1
Step 1: Copy the DB2 Data Server Driver for JDBC and SQLJ to the Audit Vault Homes
2.6.2
Step 2: Designate a User Account on the IBM DB2 Source Database
2.6.3
Step 3: Verify That the Source Database Is Compatible with the Collector
2.6.4
Step 4: Register the IBM DB2 Source Database with Oracle Audit Vault
2.6.5
Step 5: Add the DB2DB Collector to Oracle Audit Vault
2.6.6
Step 6: Convert the Binary DB2 Audit File to an ASCII Text File
2.6.6.1
Step 7A: Complete the Preparation Steps
2.6.6.2
Step 7B: Run the Conversion Script
2.7
Starting the Collection Agents
2.7.1
Starting the Collection Agents from the Audit Vault Console
2.7.2
Starting the Collection Agents from a Shell
2.8
Starting the Collectors
2.8.1
Starting the Collectors from the Audit Vault Console
2.8.2
Starting the Collectors from the Audit Vault Server or Collection Agent Shell
2.9
Checking the Status of the Collectors
2.9.1
Checking the Status of Collectors from the Audit Vault Console
2.9.2
Checking the Status of Collectors from a Shell
2.10
Checking If the Collectors Are Collecting Audit Records
3
Managing Oracle Audit Vault
3.1
About Managing Oracle Audit Vault
3.2
Managing the Audit Vault Server
3.2.1
About Managing the Audit Vault Console
3.2.2
Checking the Audit Vault Console Status
3.2.3
Starting the Audit Vault Console
3.2.4
Stopping the Audit Vault Server Console
3.2.5
Globally Disabling and Enabling Alert Settings
3.2.6
Viewing Audit Event Categories
3.2.7
Viewing Operational Errors That Oracle Audit Vault Catches
3.3
Altering Collector Properties and Attributes
3.3.1
About Collector Properties and Attributes
3.3.2
Altering Collector Properties and Attributes Using the Audit Vault Console
3.3.3
Altering Collector Properties and Attributes Using a Shell
3.4
Managing the Oracle Audit Vault Data Warehouse
3.4.1
About Managing the Oracle Audit Vault Data Warehouse
3.4.2
Setting the Audit Vault Data Warehouse Refresh Schedule and Retention Period
3.4.2.1
About Setting the Refresh Schedule and Retention Period
3.4.2.2
Scheduling the Audit Data Refresh Settings Using the Audit Vault Console
3.4.2.3
Scheduling the Audit Data Refresh Settings Using a Shell
3.4.3
Manually Refreshing Audit Vault Data Warehouse Audit Data
3.4.3.1
About Manually Refreshing the Data Warehouse Data
3.4.3.2
Manually Refreshing the Data Warehouse Using the Audit Vault Console
3.4.3.3
Manually Refreshing the Data Warehouse Using a Shell
3.4.4
Loading Data to the Oracle Audit Vault Data Warehouse
3.4.4.1
About Loading Data into the Oracle Audit Vault Warehouse
3.4.4.2
Loading Data Warehouse Data Using the Audit Vault Console
3.4.4.3
Loading Data Warehouse Data Using a Shell
3.4.5
Purging Data from the Oracle Audit Vault Data Warehouse
3.4.5.1
About Purging the Oracle Audit Vault Data Warehouse
3.4.5.2
Purging Data Warehouse Data Using the Audit Vault Console
3.4.5.3
Purging Data Warehouse Data Using a Shell
3.5
Altering Source Database Attributes
3.5.1
About Source Database Attributes
3.5.2
Altering Source Database Attributes Using the Audit Vault Console
3.5.3
Altering Source Database Attributes Using a Shell
3.6
Removing Source Databases from Oracle Audit Vault
3.6.1
About Removing Source Databases from Oracle Audit Vault
3.6.2
Removing a Source Database Using the Audit Vault Console
3.6.3
Removing a Source Database Using a Shell
4
Administering the Oracle Audit Vault Repository
4.1
About the Administrative Tasks in This Chapter
4.2
Monitoring the Audit Vault Server SYSAUX Tablespace Space Usage
4.3
Monitoring Audit Vault Server Archive Log Disk Space Usage
4.4
Monitoring the Audit Vault Server Flash Recovery Area
4.5
Managing Oracle Audit Vault Backup and Recovery Operations
4.6
Using a Collection Agent to Listen to Oracle Database RAC Nodes
4.7
Configuring Collection Agent Connectivity for Oracle Database RAC
4.8
Purging the Oracle Source Database Audit Trail Records
4.8.1
General Steps for Purging the Oracle Database Audit Trail
4.8.2
Step 1: Prepare the Oracle Database Audit Trail for Purging
4.8.2.1
Step 1A: Download the DBMS_AUDIT_MGMT Package
4.8.2.2
Step 1B: Move the Database Audit Trail to a Different Tablespace
4.8.3
Step 2: Create a Job to Automatically Purge the Oracle Database Audit Trail
4.8.3.1
Step 2A: Ensure That the Collectors Are Enabled
4.8.3.2
Step 2B: Initialize the Audit Trail Cleanup Operation
4.8.3.3
Step 2C: Create the Purge Job
4.8.4
Step 3: Optionally, Set a Record Batch Size for the Purge Operations
4.8.5
Step 4: Perform Maintenance Tasks as Needed
4.8.5.1
Verifying That the Audit Trail Is Initialized for Cleanup
4.8.5.2
Enabling or Disabling an Audit Trail Purge Job
4.8.5.3
Setting the Default Audit Trail Purge Interval for Any Audit Trail Type
4.8.5.4
Setting the Default Audit Trail Purge Job Interval for a Specified Purge Job
4.8.5.5
Clearing the Database Audit Trail Records Batch Size
4.8.5.6
Canceling the Initialization Cleanup Settings
4.8.5.7
Deleting an Audit Trail Purge Job
4.8.5.8
Configuring Tracing Debug Levels for Purge Operations
4.8.5.9
Setting the Size of the Operating System Audit Trail
4.8.5.10
Setting the Age of the Operating System Audit Trail
5
Managing Oracle Audit Vault Security
5.1
About Managing Oracle Audit Vault Security
5.2
Managing Authentication Metadata Using Oracle Advanced Security
5.3
Using Oracle Database Vault with Oracle Audit Vault
5.4
Changing Oracle Audit Vault User Passwords on a Regular Basis
5.4.1
About Oracle Audit Vault User Passwords
5.4.2
Changing the AV_ADMIN User Password
5.4.3
Changing the AV_AGENT Password
5.4.4
Changing the Source User Password
5.4.5
Changing the AV_AUDITOR Password
5.4.6
Ensuring That All Changed User Name Passwords Work Correctly
5.5
Configuring HTTPS Communication for Oracle Audit Vault
5.5.1
About Configuring HTTPS Communication for Oracle Audit Vault
5.5.2
Step 1: Generate the Certificate Request
5.5.3
Step 2: Configure the Audit Vault Server and Agent HTTPS Communication
6
Audit Vault Configuration Assistant (AVCA) Reference
6.1
add_agent
6.2
create_credential
6.3
create_wallet
6.4
deploy_av
6.5
drop_agent
6.6
generate_csr
6.7
-help
6.8
import_cert
6.9
redeploy
6.10
remove_cert
6.11
secure_agent
6.12
secure_av
6.13
set_warehouse_retention
6.14
set_warehouse_schedule
7
Audit Vault Control (AVCTL) Reference
7.1
-help
7.2
load_warehouse
7.3
purge_warehouse
7.4
refresh_warehouse
7.5
show_agent_status
7.6
show_av_status
7.7
show_collector_status
7.8
show_oc4j_status
7.9
start_agent
7.10
start_av
7.11
start_collector
7.12
start_oc4j
7.13
stop_agent
7.14
stop_av
7.15
stop_collector
7.16
stop_oc4j
8
Audit Vault Oracle Database (AVORCLDB) Utility Commands
8.1
avorcldb
8.2
add_collector
8.3
add_source
8.4
alter_collector
8.5
alter_source
8.6
drop_collector
8.7
drop_source
8.8
-help
8.9
setup
8.10
verify
9
Audit Vault Microsoft SQL Server (AVMSSQLDB) Utility Commands
9.1
avmssqldb
9.2
add_collector
9.3
add_source
9.4
alter_collector
9.5
alter_source
9.6
drop_collector
9.7
drop_source
9.8
-help
9.9
setup
9.10
verify
10
Audit Vault Sybase ASE (AVSYBDB) Utility Commands
10.1
avsybdb
10.2
add_collector
10.3
add_source
10.4
alter_collector
10.5
alter_source
10.6
drop_collector
10.7
drop_source
10.8
-help
10.9
setup
10.10
verify
11
Audit Vault IBM DB2 (AVDB2DB) Utility Commands
11.1
avdb2db
11.2
add_collector
11.3
add_source
11.4
alter_collector
11.5
alter_source
11.6
drop_collector
11.7
drop_source
11.8
-help
11.9
setup
11.10
verify
12
REDO Collector Database Reference
12.1
About the Recommended Settings for the REDO Collector
12.2
Oracle9
i
Database Release 2 (9.2) Audit Source Parameter Recommendations
12.3
Oracle Database 10
g
Release 1 (10.1) Audit Source Parameter Recommendations
12.4
Oracle Database 10
g
Release 2 (10.2) Audit Source Parameter Recommendations
12.5
Oracle Database 11
g
Release 1 (11.1) Audit Source Parameter Recommendations
13
DBMS_AUDIT_MGMT Data Dictionary Views
13.1
DBA_AUDIT_MGMT_CONFIG_PARAMS
13.2
DBA_AUDIT_MGMT_LAST_ARCH_TS
13.3
DBA_AUDIT_MGMT_CLEANUP_JOBS
13.4
DBA_AUDIT_MGMT_CLEAN_EVENTS
14
DBMS_AUDIT_MGMT PL/SQL Package
14.1
About Using the DBMS_AUDIT_MGMT PL/SQL Package
14.2
DBMS_AUDIT_MGMT PL/SQL Package Security Model
14.3
DBMS_AUDIT_MGMT PL/SQL Package Constants
14.4
Summary of DBMS_AUDIT_MGMT PL/SQL Package Subprograms
14.4.1
CLEAN_AUDIT_TRAIL Procedure
14.4.2
CLEAR_AUDIT_TRAIL_PROPERTY Procedure
14.4.3
CLEAR_LAST_ARCHIVE_TIMESTAMP Procedure
14.4.4
CREATE_PURGE_JOB Procedure
14.4.5
DEINIT_CLEANUP Procedure
14.4.6
DROP_PURGE_JOB Procedure
14.4.7
GET_AUDIT_COMMIT_DELAY Function
14.4.8
INIT_CLEANUP Procedure
14.4.9
IS_CLEANUP_INITIALIZED Function
14.4.10
SET_AUDIT_TRAIL_LOCATION Procedure
14.4.11
SET_AUDIT_TRAIL_PROPERTY Procedure
14.4.12
SET_DEBUG_LEVEL Procedure
14.4.13
SET_LAST_ARCHIVE_TIMESTAMP Procedure
14.4.14
SET_PURGE_JOB_INTERVAL Procedure
14.4.15
SET_PURGE_JOB_STATUS Procedure
A
Troubleshooting an Oracle Audit Vault System
A.1
Location of Audit Vault Server Log and Error Files
A.2
Location of Audit Vault Collection Agent Log and Error Files
A.3
Troubleshooting Tips
A.3.1
Checking Trace Files for Detailed Information About Oracle Database Errors
A.3.2
Troubleshooting Audit Vault Server
A.3.3
Troubleshooting Audit Vault Collection Agent
A.3.4
Troubleshooting the Audit Vault Collector
A.3.5
Troubleshooting Oracle Audit Vault Console
A.3.6
Troubleshooting Oracle Audit Vault in an Oracle Real Application Clusters Environment
B
Oracle Audit Vault Error Messages
B.1
Audit Vault Server Error Messages
B.1.1
Generic Error Codes
B.1.2
Source Database and Event Error Codes
B.1.3
Collector Error Codes
B.1.4
Attribute Definition Error Codes
B.1.5
Alert Error Codes
B.1.6
Server-Side Audit Service Error Messages
B.1.7
Data Warehouse Error Messages
B.1.8
Other Audit Vault Policy Error Messages
B.2
Oracle Audit Vault Client Error Messages
B.2.1
General Error Messages
B.2.2
CSDK Error Messages
B.2.3
OSAUD Collector Error Messages
B.2.4
DBAUD Collector Error Messages
Glossary
Index
Scripting on this page enhances content navigation, but does not change the content in any way.