| Oracle® Audit Vault Release Notes Patch Set 1 Release 10.2.3.1 Part Number E13848-04 |
|
| View PDF |
| Oracle® Audit Vault Release Notes Patch Set 1 Release 10.2.3.1 Part Number E13848-04 |
|
| View PDF |
Release Notes
Patch Set 1 Release 10.2.3.1
E13848-04
January 2009
These Release Notes contain important information that was not included in the Oracle Audit Vault Patch Set 1 Release 10.2.3.1 documentation. For the most current information, refer to updates of this document, which are located at the following Web site:
http://www.oracle.com/technology/documentation
This document contains the following sections:
Installing the Oracle Audit Vault Patch Set on the Audit Vault Server
Installing the Oracle Audit Vault Patch Set on the Audit Vault Agent
This section describes how to install Oracle Audit Vault Patch Set 1 (Release 10.2.3.1.0) on an existing Oracle Audit Vault Server Release 10.2.3.0.0 and Oracle Audit Vault Agent release 10.2.3.0.0 installations. You must install Patch Set 1 (Release 10.2.3.1.0) on the Oracle Audit Vault Server 10.2.3.0.0 before you can upgrade the Agent Release 10.2.3.0.0 installations.
This section contains:
Step 2: Ensure That the NLS_LANG Environment Variable Is Not Set
Step 4: Install the Oracle Audit Vault Patch Set into the Audit Vault Server Home
As a best practice, you should back up your Oracle Audit Vault database, the Audit Vault Sever home, and the Audit Vault collection agent home before you begin the upgrade.
Oracle Audit Vault patches cannot be rolled back; therefore you should take precautions to backup the files before the patch is applied until you have tested the patch set.
Back Up the Database
Out of the box, Oracle Audit Vault does not enable the SYSDBA privilege. Therefore, if you will be using RMAN to backup the database, you will need to follow the directions in Section 3.7.2 "Enabling or Disabling Connections with the SYSDBA Privilege" in the Oracle Audit Vault Server Installation Guide for the appropriate platform. After cleanly shutting down the instance following the analysis of the database, you should perform a full backup of the database. Complete the following steps:
Sign on to RMAN:
rman "target / nocatalog"
Issue the following RMAN commands:
RUN
{
ALLOCATE CHANNEL chan_name TYPE DISK;
BACKUP DATABASE FORMAT 'some_backup_directory%U' TAG before_upgrade;
BACKUP CURRENT CONTROLFILE TO 'save_controlfile_location';
}
Caution:
If you encounter problems with the upgrade and wish to abandon the upgrade completely, then you will need to restore the database from this backup. Therefore, make sure you back up your database now as a precaution.See Also:
Oracle Database Backup and Recovery Basics for more information about backing up a database.Back Up Oracle Audit Vault Server Home
Because the patch set will update files in the Oracle Audit Vault Server Home, these files should all be backed up or copied to another directory until the patch set has been tested.
Back Up Oracle Audit Vault Collection Agent Home
Because the patch set will update files in the Oracle Audit Vault Collection Agent Home, these files should be backed up or copied to another directory until the patch set has been tested.
If the Patch Set Apply Fails, You Can Abandon the Upgrade
If the patch set apply does not succeed, you can abandon the upgrade by performing the following steps:
Copy (restore) the Oracle Audit Vault Server Home files back.
If you completed the steps in Back Up the Database to back up your database, then restore that backup. Complete the following steps:
Log in to the system as the owner of the Oracle home directory of the previous release.
Sign on to RMAN:
rman "target / nocatalog"
Issue the following RMAN commands:
STARTUP NOMOUNT
RUN
{
REPLICATE CONTROLFILE FROM 'save_controlfile_location';
ALTER DATABASE MOUNT;
RESTORE DATABASE FROM TAG before_upgrade
ALTER DATABASE OPEN RESETLOGS;
}
Do not set the NLS_LANG environment variable.
This section contains:
To stop the collectors:
In the server where you installed the Oracle Audit Vault Server, open a shell.
Set the appropriate environment variables for the Oracle Audit Vault Server.
See "Checking and Setting Environment Variables (Linux and UNIX Platforms)" in Chapter 2 of Oracle Audit Vault Administrator's Guide.
Run the following command:
avctl stop_collector -collname collector-name -srcname source_name
To find the values that you must enter for this command, in SQL*Plus, query the ADM_COLLECTORS data dictionary view.
Leave this shell open.
To stop the agents:
In the shell that you opened in Section 1.3.1, run the following command:
avctl stop_agent -agentname agent_name
To find the values that you must enter for this command for this command, in SQL*Plus, query the ADM_AGENTS data dictionary view.
Leave this shell open.
To stop the Oracle Audit Vault Console:
In the shell that you opened in Section 1.3.1, run the following command:
avctl stop_av
In an Oracle RAC environment, run this command on all nodes that include Oracle Audit Vault Server.
In an Oracle RAC environment, do not shut down Enterprise Manager on the remote nodes. If you do so, you will have to manually start Enterprise Manager on these remote nodes following this patch set installation.
Leave this shell open.
From the Oracle Audit Vault Server home, use the following command to shut down the Oracle Audit Vault Database.
sqlplus /nolog
SQL> CONNECT SYS/ AS SYSOPER
Enter password: password
Connected.
SQL> SHUTDOWN IMMEDIATE
Database closed.
Database dismounted.
Oracle instance shut down.
SQL> EXIT
In an Oracle RAC environment, run the following command from the local node:
$ORACLE_HOME/bin/srvctl stop database –d AVdatabase name -q Connect string: [/ as sysdba] sys/sys password as sysdba
From the Oracle Audit Vault Server home, run the following command to stop the listener. The listener name is usually LISTENER. You can run the lsnrctl status command to determine the name of the listener.
$ORACLE_HOME/bin/lsnrctl stop listener_name
In an Oracle Real Application Cluster (RAC) environment, run this command on all nodes where Oracle Audit Vault Server is installed.
Perform the following steps to install the Oracle Audit Vault Patch Set 1 (Release 10.2.3.1.0) in the Oracle Audit Vault Server home. You use the same download executable for both the Audit Vault Server and Audit Vault Agent upgrades.
Log in to OracleMetaLink and download Oracle Audit Vault Patch Set 1 (Release 10.2.3.1.0). You can access OracleMetaLink from the following Web site:
Start Oracle Universal Installer (OUI) from the directory that contains the runInstaller program.
cd directory-containing-Oracle-Audit-Vault-Patchset-Installation-Files
./runInstaller
Oracle Universal Installer starts. It verifies the operating system version and then presents a summary of the checks it performs.
In the Welcome window, click Installed Products to display the Inventory window.
This window indicates the name of the Oracle Audit Vault Server home installed on your computer. For example, it may be named OraAV10g_home1.
Click Close to close the Inventory window and return to the Welcome window. Then the click Next.
In the Specify Home Details window, in the Name field, click the down arrow at the end of the field and select the name of the Oracle Audit Vault Server home you found the previous step (Step 3). Then click Next.
For an Oracle RAC installation, a node selection window appears with all fields disabled. This window displays the nodes that this patch set is going to be installed on. Click Next.
For a first-time installation, go to Step 6.
For repeat installations only, the Available Product Components window appears, showing a list of product components, some of which have already been installed.
Click the Expand All option to show all the options. Then click the Select All option to select all components. To install only certain product components, select the ones you want to install. Click Next.
In the Summary Page window check the space requirements.
27 MB of space is required to install Patch Set 1, which includes 13 MB of temporary space. Review each of the items that are about to be installed.
Note:
If the installation fails at the Configuration Assistant step, it might be due to incorrect information entered in Step 4 or because theSYSDBA privilege was not enabled. See Oracle Audit Vault Server Installation Guide for instructions on enabling the SYSDBA privilege.Click Install.
When the installation completes, the Configuration Assistants window appears.
The Configuration Assistants window displays, and the installation continues. When the installation completes, the End of Installation window appears and displays the URL for the Oracle Audit Vault Console. It is the same URL used for the previous Oracle Audit Vault installation.
Click Exit to exit the Oracle Universal Installer, and then click Yes in the confirmation window.
If the Patch Set Upgrade Is Not Successful
If the patch set apply is not successful, to abandon the upgrade, perform the following steps:
Copy (Restore) the Audit Vault Server Home files back to their original location.
If you backed up the database, then restore that backup. Complete the following steps:
Log in to the system as the owner of the Oracle home directory of the previous release.
Sign on to RMAN:
rman "target / nocatalog"
Issue the following RMAN commands:
STARTUP NOMOUNT
RUN
{
REPLICATE CONTROLFILE FROM 'save_controlfile_location';
ALTER DATABASE MOUNT;
RESTORE DATABASE FROM TAG before_upgrade
ALTER DATABASE OPEN RESETLOGS;
}
After you complete these steps, the Oracle Audit Vault Server automatically starts. However, if this does not happen, follow these steps:
To restart the Oracle Audit Vault Server:
Access the shell that you opened for the Audit Vault Server in Section 1.3.1.
Restart the listener.
$ORACLE_HOME/bin/lsnrctl start listener_name
Restart Oracle Database.
sqlplus sys/as sysoper
Enter password: password
Connected.
SQL> STARTUP
ORACLE instance started
Run the following command:
avctl start_av
This section contains:
Step 1: Ensure That the NLS_LANG Environment Variable Is Not Set
Step 3: Install Oracle Audit Vault Patch Set 1 in the Audit Vault Agent Homes
Do not set the NLS_LANG environment variable.
This section contains:
Step 2A: Stop All Collectors Running Within the Context of the Agent You Are Patching
Step 2C: Stop the Agent OC4J that Houses the Agent You Are Patching
To stop the collectors:
Access the shell that you opened in Section 1.3.1.
If you had closed this shell, then you need to set the appropriate environment variables for the Oracle Audit Vault Server. See "Checking and Setting Environment Variables (Linux and UNIX Platforms)" in Chapter 2 of Oracle Audit Vault Administrator's Guide.
Run the following command:
avctl stop_collector -collname collector-name -srcname source_name
To find the values that you must enter for this command, in SQL*Plus, query the ADM_COLLECTORS data dictionary view.
Leave this shell open.
To stop the agents:
In the shell that you opened in Section 1.3.1, run the following command:
avctl stop_agent -agentname agent_name
To find the values that you must enter for this command for this command, in SQL*Plus, query the ADM_AGENTS data dictionary view.
Leave this shell open.
To stop the Agent OC4J:
Open a shell for the Audit Vault agent.
Set the appropriate environment variables for the Oracle Audit Vault agent.
See "Checking and Setting Environment Variables (Linux and UNIX Platforms)" in Chapter 2 of Oracle Audit Vault Administrator's Guide.
Run the following command:
avctl stop_oc4j
Leave this shell open.
Perform the following steps to install the Oracle Audit Vault Patch Set 1 (Release 10.2.3.1.0) in the Oracle Audit Vault Agent home.
If you have not done so already, log in to OracleMetaLink and download Oracle Audit Vault Patch Set 1 (Release 10.2.3.1.0). You can access OracleMetaLink from the following Web site:
Start Oracle Universal Installer (OUI) from the directory that contains the runInstaller program.
cd directory-containing-Oracle-Audit-Vault-Patchset-Installation-Files
./runInstaller
Oracle Universal Installer starts. It verifies the operating system version and then presents a summary of the checks it performs.
In the Welcome window, click Installed Products to display the Inventory window.
This window indicates the name of the Oracle Audit Vault Agent home installed on your computer. For example, it may be named OraAV10g_home2 when installed on the same computer as the Oracle Audit Vault Server or OraAV10g_home1 when installed on a different computer from Oracle Audit Vault Server.
Click Close to close the Inventory window and return to the Welcome window. Then the click Next.
In the Specify Home Details window, in the Name field, click the down arrow at the end of the field and select the name of the Oracle Audit Vault Agent home you determined from the previous step (Step 3)
Once you select the Oracle Audit Vault Agent home, the Path field should display the correct path to the Oracle Audit Vault Agent home. Review the path name. Then click Next.
For a first time installation, go to Step 6.
For repeat installations only, the Available Product Components window appears, showing a list of product components, some of which have already been installed.
Click the Expand All option to show all the options. Then click the Select All option. To install only certain components, select the ones you want to install. Then click Next.
In the Summary Page window, check the space requirements.
22 MB of space is required to install Patch Set 1, which includes 8 MB of temporary space. Review each of the items that are about to be installed.
Click Install.
The Install window appears. When the installation completes, the Configuration Assistants window appears and then completes the configuration. Then the end of Installation window appears.
Click Exit to exit the Oracle Universal Installer, and then click Yes in the confirmation window.
If the Patch Upgrade Is Not Successful
If the patch set apply is not successful, to abandon the upgrade, copy (restore) the Audit Vault Collection Agent Home files back to their original location.
This section contains:
To start the agent OC4J:
Access the shell that you opened for the Audit Vault agent in Section 2.2.3.
Run the following command:
avctl start_oc4j
Close this shell.
To start the patched agent:
In the shell for the Audit Vault Server that you opened in Section 1.3.1, run the following command:
avctl start_agent -agentname agent-name
To find the values that you must enter for this command for this command, in SQL*Plus, query the ADM_AGENTS data dictionary view.
Leave this shell open.
To start the collectors that run in the patched agent:
In the shell that you opened in Section 1.3.1, run the following command:
avctl start_collector -collname collecctor_name -srcname source_name
To find the values that you must enter for this command for this command, in SQL*Plus, query the ADM_COLLECTOR data dictionary view.
Leave this shell open.
To verify that all Oracle Audit Vault components are running and the system is operational:
In the shell that you opened in Section 1.3.1, run the following command:
avctl show_collector_status -collname collector_name -srcname source_name
To find the values that you must enter for this command for this command, in SQL*Plus, query the ADM_COLLECTORS data dictionary view.
Close this shell.
After you install Oracle Audit Vault, check to see if there is a patch set or critical patch update (CPU) available. Before applying any Oracle Audit Vault patch sets, back up your Oracle Audit Vault database, the Oracle Audit Vault Server home, and the Oracle Audit Vault Agent home. See Section 3.1 for more information.
This section describes the following postinstallation tasks if you need to update this patch:
Oracle Audit Vault patches cannot be rolled back, therefore you should take precautions to backup the files before the patch is applied until you have tested the patch set. See "Step 1: Back Up Oracle Audit Vault" for more information.
A CPU is a collection of patches for security vulnerabilities. It also includes non-security fixes required (because of interdependencies) by those security patches. CPUs are cumulative, and they are provided quarterly on the Oracle Technology Network. Oracle Audit Vault 10.2.3.1.0 does not include the October 2008 RDBMS CPU for the underlying 10.2.0.3 database, therefore, you need to install this RDBMS CPU. If a later RDBMS CPU is available, then install that. For general information about CPUs, see
http://www.oracle.com/security/critical-patch-update.html
For specific information about critical patch updates and security alerts, see
Table 1 lists bugs that have been fixed for Oracle Audit Vault Patch Set Release 10.2.3.1.
Table 1 Bugs Fixed in Oracle Audit Vault Patch Set Release 10.2.3.1
| Bug Number | Description |
|---|---|
|
5874570 |
PREREQUISITE CHECK ERROR MESSAGE FOR ORACLE HOME NEEDS UPDATE |
|
6131570 |
SPFILE ERRORS FROM DVCA WHEN INSTALLING AV ON SINGLE NODE |
|
6902847 |
ORA-01841 DURING AV WAREHOUSE REFRESH |
|
6975309 |
DUPLICATED FGA POLICY CREATED |
|
6979619 |
SPECIAL MESSAGE FOR SECURITY PATCH INSTALLATION IN AV AGNT UPGRD |
|
6989148 |
MERGE LABEL REQUEST ON TOP OF 10.2.0.3 FOR AUDIT TRAIL CLEAN-UP |
|
6994067 |
DBV: INVALID ERROR MSG FROM PROVISION |
|
7000223 |
DBAUD COLLECTOR COLLECTS INVALID OBJECT FROM DATABASE VAULT |
|
7008473 |
OSAUDIT_LOG_LEVEL IS NOT PICK UP FROM SERVER |
|
7027265 |
TIME VALUES IN REPORTS DON'T DISPLAY TIME ZONE |
|
7045602 |
MULTYBYTE WORDS COLLECTED BY XML COLLECTOR ARE GARBLED |
|
7109942 |
SOME RECORDS COLLECTED BY SYSLOG COLLECTOR HAVE OLD TIMESTAMP |
|
7122168 |
INCORRECT WARNING MESSAGE WHEN AVMSSQLDB IS RUN |
|
7137733 |
SYBASE COLLECTOR FEATURE IS NOT AVAILABLE |
|
7151126 |
SYSLOG COLLECTOR IS DYING INTERMITTENTLY |
|
7172240 |
AV MULTICOLUMN FGA POLICIES |
|
7194366 |
AV SERVER INSTALL HANGS |
|
7218481 |
DB COLLECTOR DOES NOT START |
|
7235375 |
DBAUD COLLECTOR CRASHES OCI-22060: ARGUMENT [2] IS AN INVALID |
|
7313180 |
COLLECTOR REDO_COLLECTOR FOR SOURCE ALREADY EXISTS JAVA.SQL.SQLEXCEPTION:ORA-933 |
|
7349281 |
CANNOT CONFIRM TERMINAL INFORMATION FROM AV GUI |
|
7342949 |
LARGE NUMBER OF AUDIT POLICY SETTINGS THROWS VARRAY LIMIT ERRORS |
|
7353816 |
REDO COLLECTOR DOESN'T COLLECT BEFORE/AFTER VALUES FOR DELETE AND SUP LOG COLUMN |
|
7356241 |
PLEASE REMOVE REDO COLLECTOR RESTRICTIONS TO FROM 'RECOMMENDED' PARAMETERS |
|
7356286 |
INTERNAL ERROR WHEN RETRIEVE FROM SOURCE WITH MANY USERS AND OBJECTS |
|
7363034 |
PROVIDE A MECHANISM TO INCREASE AGENT OC4J MAX HEAP SIZE |
|
7363716 |
DBAUD COLLECTOR CRASHES |
|
7377737 |
RETRIEVING AND SAVING LARGE NUMBER OF POLICY SETTINGS FAILS |
|
7451148 |
DBAUD_COLLECTOR CONFIGURED FOR A RAC DATABASES CRASHES CONSISTENTLY |
|
7463228 |
OSAUD COLLECTOR SAVE XML FGA WITH SQL TEXT/BIND AS INVALID |
|
7477146 |
CREATE ALERT WHEN PARAMETER VALUE IS NULL |
|
7482864 |
OS AUD COLLECTOR DIES WITH ORA-01461: CAN BIND A LONG VALUE ONLY FOR INSERT |
This section contains:
This section describes known issues and workarounds for single instance and Oracle RAC installations on all platforms.
This section contains:
The Same SYSDBA Password Is Required for Audit Vault and ASM
Error File Getting Generated During Audit Vault Server Installation
The Silent Installer Does Not Issue an Error When the SID Is Omitted
The Silent Installer for the Agent Does Not Validate Against the Server
Silent Installation Proceeds Even When Variables Are Not Populated
Manual Cleanup Is Required After Uninstalling the Audit Vault Database
Audit Vault Server Installer Prints Time Zone on Console When Run for Upgrade
Deinstalling Upgraded Audit Vault Server Does Not Remove Entry from Oratab File
Automated Backup Job Not Properly Created With Audit Vault Server Installation
Errors Appear in Agent Log File After Installing Oracle Audit Vault Agents
During an Audit Vault Server advanced installation, on the Configure Automatic Storage Management Configure page when you select new disks to add from the Add Member Disks table, the Required Storage Space area is supposed to automatically adjust the disk sizes displayed to show the amount of required storage space. However, this calculation is not updated.
Workaround: Click the Change Discovery Path button and update the discovery path to show the adjusted disk sizes before adding the disks.
This issue is tracked with Oracle bug 5764944.
After installing Automatic Storage Management (ASM) and Oracle Audit Vault Server, you may receive the following error when connecting to ASM:
"Supplied ASM SYSDBA password is invalid"
Workaround: Provide the same SYSDBA password for both ASM and Audit Vault Server.
This issue is tracked with Oracle bug 5845686.
When installing Oracle Audit Vault Server using Oracle Universal Installer, after clicking Next on the Prerequisite Checks window, the following runtime exception content is written to the error file that is generated:
Runtime exception during validation of variable :s_racSid
java.lang.NullPointerException
at
Components.oracle.rdbms.dv.v10_2_0_3_0.CompContext.validate_s_racSid(Unknown
Source)
at
Components.oracle.rdbms.dv.v10_2_0_3_0.CompContext.validate(Unknown Source)
at
oracle.sysman.oii.oiis.OiisVariable.validate(OiisVariable.java:1409)
at
oracle.sysman.oii.oiis.OiisVariable.validateChildVariables(OiisVariable.java:1836)
at
oracle.sysman.oii.oiis.OiisVariable.setValue(OiisVariable.java:1124)
at
oracle.sysman.oii.oiis.OiisVariable.setVariable(OiisVariable.java:2197)
at
oracle.sysman.oii.oiis.OiisCompContext.doOperation(OiisCompContext.java:1093)
at
oracle.sysman.oii.oiif.oiifb.OiifbLinearIterator.iterate(OiifbLinearIterator.java:147)
at
oracle.sysman.oii.oiic.OiicCompsWizEngine.doOperation(OiicCompsWizEngine.java:202)
at
oracle.sysman.oii.oiif.oiifb.OiifbLinearIterator.iterate(OiifbLinearIterator.java:147)
at
oracle.sysman.oii.oiic.OiicInstallSession$OiicSelCompsInstall.doOperation(OiicInstallSession.java:3838)
Workaround: You can ignore this error. This exception error is a benign error and will be suppressed in a future release. It does not affect the installation or the functionality of the installed Audit Vault databases for a single instance installation or for an Oracle RAC environment installation.
This issue is tracked with Oracle bug 6832669.
In this release, the installer does not support the -record option.
Workaround: None.
This issue is tracked with Oracle bug 5841694.
When performing silent installation for the Audit Vault Server, if you do not provide a value for the s_dbSid option, the SID defaults to av.
Workaround: Ensure that you have set the correct value for the s_dbSid option in the response file before running the silent installation.
This issue is tracked with Oracle bug 5739374.
If you perform a silent installation of the Audit Vault Agent, Oracle Universal Installer does not connect to the specified Audit Vault Server and check the user-provided information. This type of validation is only available when using one-click installation.
Workaround: Use any of the following methods:
Ensure that you are installing the agent on the computer that you specified when issuing the avca add_agent command on the server.
Manually check the user-provided information in the response file for the silent installation.
Verify that the Audit Vault database is up.
This issue is tracked with Oracle bug 5747235.
If you perform a silent installation, the DVCA command may fail to run. However, the silent installer will report that it ran successfully.
Workaround: Check the installation logs after running silent installation. The log files are located in the ORACLE_HOME/cfgtoollogs/oui/installActionsdate_time.log file.
This issue is tracked with Oracle bug 5892119.
When you run the silent installation program as follows, you may receive an error:
On Linux and UNIX systems:
./runInstaller -silent -responseFile absolute_path_to_av.rsp_file
On Windows systems:
setup.exe -silent -responseFile absolute_path_to_av.rsp_file
If you have not properly supplied all required variables in the silent installation file, the following error appears:
'SEVERE:Abnormal program termination. An internal error has occured. Please provide the following files to Oracle Support :'.
Workaround: Check the silent installation response file and ensure that you have provided proper input for all the required variables.
This issue is tracked with Oracle bug 5859406.
After you uninstall the Audit Vault database, the configuration files that Audit Vault created are not removed.
Workaround: Manually delete the Audit Vault home directory after you uninstall the Audit Vault database.
This issue is tracked with Oracle bug 5768129.
During an Audit Vault server upgrade, Oracle Universal Installer prints the time zone in UTC format in the console in which you invoke ./runInstaller. This time zone format also appears in the .out installation log file.
Workaround: None. You can disregard this message on console and in the .out installation log file.
This issue is tracked with Oracle bug 6829132.
If you de-install the Audit Vault Server and even after the de-installation successfully completes, the /etc/oratab file still shows the entry for an upgraded Audit Vault server.
Workaround: After the deinstallation completes, manually update the /etc/oratab file to remove the corresponding Audit Vault server entry.
This issue is tracked with Oracle bug 6833273.
When you install Oracle Audit Vault, the automated back-up jobs do not work and fail with a No such file or directory error.
Workaround: Use customized back-ups to schedule any back-up jobs.
This issue is tracked with Oracle bug 6844843.
After you install the Oracle Audit Vault agents, the following validation errors appear in the $AGENTHOME/av/log/agent_client-0.log file:
2008/04/29 13:03:38 Thread-10 level of detail(low): error invoking validtion
for input=agent2 method=validateName
java.lang.NoClassDefFoundError: javax/servlet/ServletRequest
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:1655)
at java.lang.Class.getMethod0(Class.java:1901)
at java.lang.Class.getMethod(Class.java:984)
at oracle.av.util.BeanValidator.invoke(BeanValidator.java:49)
at oracle.av.util.BeanValidator.validate(BeanValidator.java:97)
at
@ oracle.av.avca.CommandArguments.validateArguments(CommandArguments.java:170)
at oracle.av.avca.Avca.startCA(Avca.java:106)
at oracle.av.avca.Avca.main(Avca.java:448)
2008/04/29 13:03:38 Thread-10 level of detail(low): validationg getAgentName
Workaround: You can ignore these errors. The Audit Vault agent should start successfully.
This issue is tracked with Oracle bug 7007105.
This section describes known issues and workarounds for Oracle RAC installations on all platforms.
This section contains:
After you install Audit Vault Server, the following error appears if you create an Oracle RAC database using the dbca command:
Failed to retrieve network listener Resources
Workaround: Click yes on the error screen and continue the installation.
This issue is tracked with Oracle bug 5488388. current status: 36 - Duplicate Bug. To Filer
This section describes installation and uninstallation issues in Linux and UNIX platforms for single instance and Oracle Real Application Clusters (RAC) installations.
This section contains:
If you install Oracle Audit Vault, an error log similar to the following is created:
EM Configuration issue. @ /oracle/av/10.2.3/AV01/av_oh/mycompany.us.oracle.com_ not found.
Workaround: None. Oracle Enterprise Manager should be correctly working. You can disregard this error log file.
This issue is tracked with Oracle bug 6780876.
On AIX 5L Based Systems, if you perform an Audit Vault Server or Agent installation using Simplified Chinese (zh_CN) or Japanese (ja_JP) languages, then accessing help on the installer window will display a blank help window.
Workaround: None.
This issue is tracked with Oracle bug 7016874.
There are no known issues for Oracle Audit Vault on the Microsoft Windows platform.
This section contains:
Need to Enable DV_SECANALYST to Access the DVSYS.AUDIT_TRAIL$ Table
Long Source Database Name Is Garbled in Top Five Audit Sources by Number of Alerts Graph
Need a Way to Clean Out the Archived Audit Settings for a Source Database in Oracle Audit Vault
Problem When Running the avca initialize_agent Command from the Audit Vault Server Home
Agent OC4J Status Shows "NOT RUNNING" After secure_av and secure_agent Are Run
If you enter an invalid multi-byte user name on the login page for the Audit Vault Console, an error is displayed and the user name is displayed in a garbled manner.
For example, this problem occurs if you do the following:
Set the browser to simplified Chinese.
Access the Audit Vault Console URL.
On the login page, enter an invalid multi-byte user name and then click Login.
Workaround: None.
This issue is tracked with Oracle bug 5899718.
The REDO collector uses Oracle Streams technology to retrieve logical change records (LCRs) from the redo logs. On the source database, a Streams capture process uses LogMiner to extract new LCRs from the redo logs based on capture rules that are defined by the user.
If you configure initialization parameters for a streams pool with subpool durations for instance, session, cursor, and execution, you can receive an ORA-4031 error.
Workaround: Use one of the following:
Find what allocations made a particular duration subpool too large and change their durations, for example, from session to cursor or execution.
Combine the durations into one pool using the following initialization parameter in the init.ora initialization file:
_enable_shared_pool_durations = false
However, be aware that setting this parameter prevents the Streams pool from shrinking.
This issue is tracked with Oracle bug 5919096.
Oracle Audit Vault extracts the Oracle Database Vault audit trail records by using the DV_ADMIN or DV_OWNER role to read the contents of the DVSYS.AUDIT_TRAIL$ table for Oracle Database 11g Release 1 (11.1). For better security, Audit Vault should be able to use the DV_SECANALYST role to read the DVSYS.AUDIT_TRAIL$ table.
Workaround:
Log in to SQL*Plus as a user who has been granted the DV_OWNER role.
Grant the DV_ADMIN role to the user account that was created on the source database for Audit Vault.
This issue is tracked with Oracle bug 7022650.
If the source database has a long name and appears on the Y-axis of the graph Top Five Audit Sources by Number of Alerts, the graph is squeezed to the point that the X-axis becomes one dimensional and does not show the two-dimensional aspect of the graph.
Workaround: Create a reasonably short source name, about 15 characters long, using the -srcname srcname argument when you add the source to Oracle Audit Vault.
This issue is tracked with Oracle bug 6837441.
Oracle Audit Vault needs the ability to purge the retrieved or processed audit settings in Oracle Audit Vault for a given source database.
Workaround: None.
This issue is tracked with Oracle bug 7375174.
After you install Oracle Audit Vault, you cannot change the port number for the Audit Vault Web applications.
Workaround: None.
This issue is tracked with Oracle bug 7385554.
In the Audit Settings page of the Audit Vault Console, under the Statement, Object, Privilege, FGA, and Capture Rule tabs, there is a Mark All As Needed button. If you select this button and then decide that you should not have, there is no way to quickly revert to the previous settings. Instead, you must manually select each setting to revert it to its previous state. For a very long list, this operation can be extremely tedious.
Workaround: None.
This issue is tracked with Oracle bug 7449916.
The following are miscellaneous error message issues:
In an installation with the patch 7388531 applied, the following error message may appear in the log file for the DBAUD collector:
Message 46963 not found; product=AV; facility=OAV
Workaround: Oracle Audit Vault generates this message when the AUD$ or FGA_LOG$ record has a non-positive value in the ENTRYID or SESSOINID columns. These records are illegal but may appear as the result of bugs in Oracle Database. This message is just a warning. You can ignore it.
The DBAUD collector log file also has warnings similar to the following:
WARNING @ '13/10/2008 14:08:59 02:00': Attribute SQL_TEXT is longer than 4000 bytes and was clipped
Workaround: The error message should say that SQL text longer than 4000 characters will be truncated.
The following error message appears:
SRC data retireved OK'
Workaround: It should say:
SRC data retrieved OK'
These issues are tracked with Oracle bug 7482805.
The avca initialize_agent command can be run from the Audit Vault Server home. However, this causes instability in the Audit Vault Server.
Workaround: Only run the avca initialize_agent command from the Audit Vault collection agent home.
This issue is tracked with Oracle bug 7494714.
If you have secured the Oracle Audit Vault agent by running the avca secure_agent command, issuing the avctl show_oc4j status command shows the status of the OC4J agent as being down. However, in most cases, the agent is running.
Workaround: To ensure that the OC4J agent is running, check its status as follows:
UNIX systems: Run the following command:
ps -ef | grep oc4j
Microsoft Windows systems: Start the Windows Task Manager and check if the java.exe process is running.
This issue is tracked with Oracle bug 6318593.
This section contains:
The source database event time and Audit Vault event times differ for Sybase ASE and SQL Server. This time difference is small, however.
Table 2 demonstrates this problem. In the values listed in the Audit Vault Timestamp column, there is a trailing, recurring last digit followed by zeros. For some cases, the leading zero is dropped. This could pose problems because the event_time value is usually used as a basis for co-relating events.
Table 2 Timestamp Differences Between the Source and Audit Vault Event Times
| Source DB Timestamp | Audit Vault Timestamp |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Workaround: None.
This issue is tracked with Oracle bug 6890264.
If the computer on which the source database resides has clients that use Spanish, then you cannot add this source database to Oracle Audit Vault. If you try to add this source database, the following errors appear:
'DVSYS.DV_BEFORE_DDL_TRG' ORA-01403: no data found ORA-06512: at "DVSYS.AUTHORIZE_EVENT", line 55 ORA-06512: at line 31 ORA-06512: at "SYS.AV_STREAMS_AUTH", line 9 ORA-06512: at line 1
Workaround: On the computer where the source database resides, change the NLS_LANG setting to AMERICAN_AMERICA.US7ASCII, and then set the system-wide regional options on the source database to English (United States).
This issue is tracked with Oracle bug 7525945.
This section contains:
After several restarts, a collector can take a while to start. In most cases, when the avctl start_collector command is successful, the avctl show_collector_status command and Audit Vault Console indicate that the collector is running. However, in some cases the collector status may indicate that it is not running. This can be due to working in a slow environment and it takes more time to respond to the metrics query, or the collector is doing an initialization and recovery.
Workaround: Wait until the startup completes. Operations should be normal after the collector has finished starting. Before re-performing a collector status query, wait a bit longer. The collector status will eventually indicate a running state.
This issue is tracked with Oracle bug 5937597.
If you run the Audit Vault SQL Server avmssqldb command on the source database, and then try to start the SQL Server collector, the command succeeds but the collector status remains unchanged. It should show a status indicating that the SQL Server collector has started. To find if this error has occurred, check the $ORACLE_HOME/av/log directory of the Agent and see if the SQL Collector log file has a Generic Wallet Error. If this wallet error is present, then it is most likely this bug.
Typically, you follow these steps:
On the Audit Vault Server side, you add the source and collectors as follows:
avmssqldb add_source -srcname src_name ... avmssqldb add_collector -collname collector_name ...
On the Audit Vault Agent side, you run the following set-up command:
avmssqldb setup -srcname src_name
Then, on the Audit Vault Server side, you run these commands:
avctl start_collector -srcname src_name -collname collector_name avctl show_collector_status -srcname src_name -collname collector_name
If you omit Step 2, then no error displays when you run the avctl start_collector command in Step 3. When you run the avctl show_collector_status command next, then the status displays a not running message.
Workaround: Run the avmssqldb setup command on the agent, and then restart the collector.
This issue is tracked with Oracle bug 7010699.
The SQL Server collector log file erroneously states that the directory path specified by the C2_TRACE_FILEPATH attribute setting is incorrect.
Workaround: Specify the complete file name, with the wildcard asterisk (*) instead of .trc in the C2_TRACE_FILEPATH parameter. For example, if the file name is C:\MyTrace.trc, then specify the value C:\MyTrace*.
This issue is tracked with Oracle bug 7030424.
The OS collector crashes with a 217 error message when it tries to analyze the XML audit file. This can happen if the XML file contains an invalid character.
Workaround: None.
This issue is tracked with Oracle bug 7501659.
Our goal is to make Oracle products, services, and supporting documentation accessible to all users, including users that are disabled. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Accessibility standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For more information, visit the Oracle Accessibility Program Web site at http://www.oracle.com/accessibility/.
Accessibility of Code Examples in Documentation
Screen readers may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, some screen readers may not always read a line of text that consists solely of a bracket or brace.
Accessibility of Links to External Web Sites in Documentation
This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.
TTY Access to Oracle Support Services
To reach AT&T Customer Assistants, dial 711 or 1.800.855.2880. An AT&T Customer Assistant will relay information between the customer and Oracle Support Services at 1.800.223.1711. Complete instructions for using the AT&T relay services are available at http://www.consumer.att.com/relay/tty/standard2.html. After the AT&T Customer Assistant contacts Oracle Support Services, an Oracle Support Services engineer will handle technical issues and provide customer support according to the Oracle service request process.
Oracle Audit Vault Release Notes, Patch Set 1 Release 10.2.3.1
E13848-04
Copyright © 2009, Oracle. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use this software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software in dangerous applications.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
This software and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.
 Copyright © 2009, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|