| Oracle® Beekeeper Online Help Release 1 (1.5) Part Number E14838-01 |
|
|
View PDF |
| Oracle® Beekeeper Online Help Release 1 (1.5) Part Number E14838-01 |
|
|
View PDF |
This module contains describes how to manage Oracle Beehive enterprises using Oracle Beekeeper, and includes the following sections:
An entity is an object in Oracle Beehive, such as a service, user, workspace, or artifact. In essence, every object in Oracle Beehive is an entity.
An actor is an entity, such as a user, group, or service, that acts upon other entities.
An artifact is a type of entity that users can view, create, modify, or delete. Artifacts are the results of communications and other collaborative activities, and include e-mail messages, meeting entries, online discussions, and documents.
You can control the maximum disk space allowed for workspaces in your enterprise.
To manage workspace quotas for your entire enterprise:
From the Enterprises panel, click Manage Enterprises.
In the Manage Enterprises window, select your enterprise.
Click the Quota Settings tab.
Set specific quota limits for each type of quota. By default, each quota type is set to Unlimited.
Hard Quota: Set the total disk space allocated to your enterprise.
Sub-Organizations Hard Quota: Set the default disk space allocated to each sub-organization within your enterprise.
Team Workspace Hard Quota: Set the default disk space allocated to each team workspace within your enterprise.
Personal Workspace Hard Quota: Set the default disk space allocated to each personal workspace within your enterprise.
Team Workspace Soft Quota: Set the default quota level at which a warning event is created for each team workspace within your enterprise.
Personal Workspace Soft Quota: Set the default quota level at which a warning event is created for each personal workspace within your enterprise.
Click Apply to save your changes to the quota settings. Alternatively, click Reset to discard your changes.
To manage quota for a single workspace:
From the Enterprises panel, click the name of your enterprise.
In the Manage Enterprises window, select a workspace.
Click the Quota Settings tab.
Set specific limits for hard and soft quotas. By default, each quota type is set to Unlimited.
Click Apply to save your changes to the quota settings. Alternatively, click Reset to discard your changes.
You can enter search strings in the Find field in the top-right corner of the main window to search for entities in Oracle Beekeeper. Alternatively, you can use the Advanced Search dialog box to perform searches.
Searches in Oracle Beekeeper are not case-sensitive.
In its most basic form, a search consists of an attribute, a keyword, and a match operator. An attribute is the criterion by which you intend to search for one or more Oracle Beehive entities. A keyword is the value for which you want to search. Generally, the match operator is :, which instructs Oracle Beekeeper to return all results for the searched attribute containing the given keyword.
You perform a simple search by entering search strings in the Find field and clicking the Search icon to begin your search.
Examples:
To perform a search for all users with the word 'developer' in their job titles, you would enter
title:developer in the Find field. Alternatively, to search for all members of the accounting department, you would enter department:accounting in the Find field.Oracle Beekeeper supports boolean expressions, nested predicates with parentheses, and the predefined attributes ANY and ALL.
Using the ANY attribute matches the keyword or keyphrase against any of the relevant search attributes.
Using the ALL attribute matches the keyword or keyphrase against all of the relevant search attributes.
If you want to specify multiple keywords for a given search, you must enclose them in double quotation marks. Multiple keywords in double quotation marks constitute a keyphrase.
| Boolean Operator | Oracle Beekeeper Symbol |
|---|---|
| contains | : |
| AND | && |
| OR | || |
| NOT | ! |
Example 3-1 Complex Syntax
In the Find field, enter the following text:
(givenname:john && familyname:coetzee) || (givenname:jamaica && familyname:kincaid)
Your search would return the following results:
Any user whose given name was John and whose family name was Coetzee
Any user whose given name was Jamaica and whose family name was Kincaid
To perform an advanced search:
Click the Advanced Search icon to launch the Advanced Search dialog box.
From the Add pull-down menu, select an attribute and click +.
Enter a word or part of a word in the field provided. To search for entities with an attribute containing the word you entered, select contains from the attribute's pull-down menu. Alternatively, to search for entities with an attribute that does not contain the word you entered, select does not contain from the attribute's pull-down menu.
Optionally, repeat steps 2 and 3 to search for entities using more than one attribute.
If you are searching using multiple attributes, select All to ensure that your search returns only entities that match all the attributes by which you are searching. Alternatively, select Any to ensure that your search returns entities that match any of the attributes by which you are searching.
If you want to delete any attribute search you have created, click x next to the attribute field.
Click Search. Your results are displayed in the main window behind the Advanced Search dialog box.
Click Close to return to the main window.
A user, also referred to as an actor, is an entity that can act on other entities. Users can be assigned to groups, provisioned for services, and authorized to perform tasks and services.
All users are part of the enterprise directory, which is managed by the User Directory Service (UDS).
Note:
If you have configured Oracle Beehive to use an external directory server, you cannot create or modify users using Oracle Beekeeper.To create a user:
In the Enterprises panel, expand the Manage Enterprises navigation tree.
Click Users.
From the menu bar, click New.
Click one of the tabs and enter user information:
General: Enter basic information such as first name and family name, time zone, user name, and password. You must provide a family name and a user name for the user.
Business: Enter official information such as company, organization, department, job title, and manager.
Contact Info: Enter contact information such as e-mail, phone, fax, and instant message address. You can also add or remove entries for each type of contact information using the + and x buttons. You can also select a primary entry from among the multiple entries for each contact information field, and categorize each contact information field under the Business, Personal, or Other category.
Groups: Lists the group or groups to which a user belongs. To add the user to a group, click Add, enter a name or part of a name in the Find field, and click the search icon to return a list of groups. Select a group from the list and click Add. Alternatively, hold down Ctrl to select multiple groups, and click Add. For more information, see Managing Groups.
Roles: Lists the role or roles assigned to the user. To assign a role to the user, click Add. Select a role from the list and click Add. Alternatively, hold down Ctrl to select multiple roles, and click Add. For more information, see Managing Roles.
Click Save & Close to create the user and close the New User dialog box. Alternatively, click Apply to create the user without closing the dialog box.
To modify information about a user:
In the Enterprises panel, expand the Manage Enterprises navigation tree.
Click Users.
From the displayed list of users, select the user you want to modify.
From the menu bar, select Actions, then Open.
Update any or all user information. For more information, see Creating Users.
Click Save & Close to save your changes and close the dialog box. Alternatively, click Apply to save your changes without closing the dialog box.
To delete a user:
In the Enterprises panel, expand the Manage Enterprises navigation tree.
Click Users.
From the displayed list of users, select the user you want to delete.
Click Delete.
Click Yes to confirm the deletion.
To search for one or more users:
In the Users pane, enter the search string in the Find field. You can perform a search using one or more of the following attributes:
Status
FamilyName
GivenName
MiddleName
Nickname
Title
Office
Department
Company
Profession
Manager
Organization
TimeZone
For more information, see Performing Simple Searches.
Click the Search icon.
Click x to reset the Users pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
An Oracle Beehive group is a defined collection of users or resources (or some combination thereof) that are related based on a line of business, a project, or another common association.
Oracle Beehive provides the following group types:
Static groups have explicit member lists. You must manually add and remove members from static groups.
Dynamic groups have memberships defined by a query, so that users fitting whatever criteria is being queried are automatically made members. Dynamic group queries are based on any combination of user attributes, properties, or addresses.
Example:
All users with a particular manager could belong to a dynamic group defined by a query against the Manager attribute of user accounts. Whenever a user's manager attribute is changed to that particular manager, that user is automatically added to the group. Likewise, whenever a user's manager attribute changes (the user switches to a different manager), that user is automatically removed from the group.To create a static group:
From the New pull-down menu, select Static Group. The New Static Group pop-up will open in a separate window.
On the General tab, enter a unique name for the group. Optionally, enter a brief group description.
Optionally, click the Contact Info tab and provide contact information for the group.
Click the Members tab.
Click +.
Enter a name or part of a name in the Find field and click the search icon to return a list of results.
Select a user from the list and click Add. Alternatively, hold down Ctrl to select multiple users, and click Add.
Click Save & Close to create the static group.
To create a dynamic group:
From the New pull-down menu, select Dynamic Group. The New Dynamic Group pop-up will open in a separate window.
On the General tab, enter a unique name for the group. Optionally, enter a brief group description.
In the Query section, select one or more attributes to define your membership, and provide a value and operator for each attribute you choose. You can add members using any of the following attributes:
Family name
Given name
Middle name
Nickname
E-mail address
Title
Office
Department
Company
Profession
Manager
Type (Enterprise or Extended Enterprise)
Example:
You create a dynamic group intended to comprise only the accountants in your Montreal office. From the Add pull-down menu, you select Office and click +. Leaving the operator at contains, you enter Montreal in the edit box. From the Add pull-down menu, you select Profession and click +. Leaving the operator at contains, you enter accountant in the edit box. You click the All radio button to ensure that your group only contains users who meet both your search criteria.Click Preview to verify that your query has generated the desired membership for this group.
Optionally, click the Contact Info tab and provide contact information for the group.
Optionally, you can manually add members to a dynamic group by performing the following steps:
Click the Members tab.
Click +.
Enter a name or part of a name in the Find field and click the search icon to return a list of results.
Select a user from the list and click Add. Alternatively, hold down Ctrl to select multiple users, and click Add.
Optionally, you can make specific roles available to group members by performing the following steps:
Click the Roles tab.
Click Add.
Leave the Find field blank and click the search icon to return a list of all available roles.
Select a role from the list and click Add. Alternatively, hold down Ctrl to select multiple roles, and click Add.
Click Save & Close to create the dynamic group.
To search for one or more groups:
In the Groups pane, enter the search string in the Find field. You can perform a search using one or more of the following attributes:
Name
Description
Status
For more information, see Performing Simple Searches.
Click the Search icon.
Click x to reset the Groups pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
A resource is an entity that users can search for, reserve, and use for a specified period of time, such as a conference room or a projector.
To create a resource:
Click New.
Enter a unique name for the resource.
Specify a capacity for the resource. For example, a small conference room could have a capacity of 10.
Optionally, enter a location, description, phone number, fax number, and URL for the resource.
Optionally, provide any special information related to booking this resource in the Booking Info field.
Optionally, assign individual approvers to the resource by performing the following steps:
Click +.
Enter the full name or part of the name of an Oracle Beehive user in the field and click the magnifying glass to obtain a list of results.
Select a user. The user now appears in the Approvers list.
Select the check box next to the user name to make the user an approver for the resource.
Repeat the previous steps to add additional users as approvers for the resource.
Note:
When you create a resource, all Oracle Beehive users are listed as approvers for the resource by default.Click Save & Close.
To search for one or more resources:
In the Resources pane, enter the search string in the Find field. You can perform a search using one or more of the following attributes:
Name
ID
Capacity
Type
Modified
For more information, see Performing Simple Searches.
Click Search.
Click Clear to reset the Resources pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
To upload a new device profile to Oracle Beehive:
From the Actions menu, select Upload Profile.
Click Browse.
Select a valid device profile in XML format and click Open.
Click Upload.
Click Close to exit the Upload File dialog box.
To modify a device profile:
From the Actions menu, select Open.
Click + next to any of the sections.
To modify a parameter, edit the value in the appropriate Value box.
Click Apply to apply your changes, or Reset to erase your changes.
Note:
The device capabilities that appear when you click the Capabilities tab are read-only and cannot be modified.To delete a device profile:
Select a profile.
From the Actions menu, select Delete.
Note:
You can only delete profiles without associated device types.You can filter the list of device profiles displayed in the main window by entering filter criteria in the Filter by field and clicking the magnifying glass. You can filter profiles by name or by the Modified On date. Clicking X next to the Filter by field resets the filter criteria and reloads the profile window with no filter criteria.
To view all associated device types for a profile:
Select a profile.
From the View menu, select Types.
Click the Types tab to list all available device types in the system and display associated information for each device type:
Name
Manufacturer
Model
Dev Inf DTD Version: Displays the Document Type Definition (DTD) version used to exchange information between the device and the Oracle Beehive server.
Software Version: Lists the device's OS version.
Device Class: Lists the class of the device. Device classes include PDA, pager, and mobile.
OS: Lists the operating system that can run on the device.
Processor
To create a device type:
Click New to bring up the New Device Type window.
Select a profile from the Device Profile pull-down menu.
Enter a manufacturer, model, device class, OS, and processor for the device type. If you specify a manufacturer and model, you do not need to provide the device class, OS, and processor. If you provide the device class, OS, and processor, you do not need to specify the manufacturer and model.
Optionally, enter the software version and DTD version for the device type. For more information, see Listing Devices Types.
Click Save & Close to create the device type and close the New Device Type window. Alternatively, click Apply to create the device type without closing the window.
To view a device type, select it in the main window. Details are displayed in a pane below the main window.
To modify a device type:
Click the Types tab.
Select a device type.
Modify any of the properties for the device type.
Click Apply to save your changes to the device type. Alternatively, click Reset to discard your changes.
To delete a device type, select one or more device types and select Delete from the Actions menu. You will be prompted to confirm the deletion or deletions.
You can search the system for device types.
To search for device types:
In the Devices pane, click the Types tab. For more information, see Listing Devices Types.
Enter a search string in the Find field. For more information, see Performing Simple Searches.
Click Search.
Click Clear to reset the Devices pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
You can queue different device commands to be performed at a later date.
To queue a command for a device:
From the Manage Enterprises section in the left-hand pane, click Devices.
Click the Devices tab.
Click the Commands tab.
Select the device.
From the Actions menu, select one of the following commands:
Check for Updates: Use this command to query the server for any application updates.
Upload Log: Use this command to upload device logs created by the installed applications to the server.
Upload Config: Use this command to upload an inventory of all installed applications and their respective configurations to the server.
Wipeout: Use this command to erase all applications and data from the selected device.
You can delete device commands from the queue at any time. You may want to delete device commands for one of the following reasons:
The device is not available.
The user is not currently accepting the queued command.
You have queued another command with the Wipeout command pending and no longer want the command to be executed.
To delete a device command from the queue:
From the Manage Enterprises section in the left-hand pane, click Devices.
Click the Devices tab.
Click the Commands tab.
Select the device.
Select the queued command and click Delete.
A role is tied to a role definition and can be used to assign a set of privileges to multiple users. Though Oracle Beehive comes with a predefined set of roles and role definitions, you can create your own roles and role definitions to suit the needs of your enterprise.
A role definition is an Oracle Beehive entity that comprises access types and privileges for a given scope (enterprise, organization, team workspace, or personal workspace).
To create a role definition:
From the Enterprises panel, click Roles.
If the scope for the role definition is your entire enterprise, proceed to step 3. If the scope for the role definition is an organization, team workspace, or personal workspace within your enterprise, perform the following steps:
Click the Search icon next to the Scope field.
Click the View Organizations icon to view a list of organizations within your enterprise. Alternatively, click the View Workspaces icon to view a list of team workspaces and personal workspaces within your enterprise.
Select an item from the list and click Add.
Tip:
A scope is a section of the Oracle Beehive system such as an enterprise, organization, personal workspace, or team workspace. When you create a role definition, you define its scope, which determines the availability and access of the role definition. For example, a role definition created within the scope of a specific team workspace is only valid in that workspace.Click the Definitions tab.
From the New menu, select Definitions.
In the Name field, enter a unique name for the role definition. In the Description field, enter a brief description for the role definition.
Select the always enabled check box to ensure that all roles referencing this role definition are enabled by default. If the always enabled check box is deselected, roles referencing this role definition are disabled by default, and must be enabled individually.
Using the options in the Access types section, select the operations that can be performed on Oracle Beehive entities in this role definition. You can grant access, deny access, or leave access undefined for each access type:
All sets every access type to Granted for the role definition.
Read allows the user to view or open an artifact.
Write allows the user to alter an artifact.
Delete allows the user to delete an artifact.
Execute allows the user to run executable artifacts, such as installers and applications.
Discover only allows the user to discover the existence of an artifact in searches, lists, and directories. It does not let the user view the contents of an artifact.
Note:
For more information, see About Entities, Actors, and Artifacts.Click the Privileges tab.
Click Add.
Select a privilege from the list and click Add. Alternatively, hold down Ctrl to select multiple privileges, and click Add.
Tip:
A privilege is the authority to perform a set of operations within the Oracle Beehive system. Some privileges apply only to specific services, while others apply to all services. For example, the Calendar User privilege allows the user to use the calendaring functionality in Oracle Beehive, while the Login privilege allows the user to sign in to Oracle Beehive.Click Save & Close to create the role definition and close the New Definition window. Alternatively, click Apply to create the role definition without closing the window.
When you decide to create a role definition, determine the needs you want fulfilled through the role definition in relation to your user base:
Where in your enterprise is this role definition valid? A role definition can be valid in a team workspace, in a personal workspace, in an organization, or across your entire enterprise. The logical area of effect for this role definition constitutes its scope.
What services should be available for this role definition? The type and number of accessible services constitute the privileges for the role definition.
What operations can be performed on Oracle Beehive entities via this role definition? The selected operations constitute the available access types for the role definition.
Note:
A role definition remains inactive until you associate it with a role.To create a role:
Click New.
Enter a unique name for the role.
Click the search icon to access a list of role definitions. Select a role definition from the list. The selected role definition now appears in the Definitions field.
Optionally, enter a role description in the Description field.
Optionally, you can grant users, groups, or resources automatic access to this role by performing the following steps:
Depending on the type of entity to be granted access to the role, click the Groups tab, the Users tab, or the Resources tab.
Click Add.
Enter the full name or part of the name of a user, group, or resource in the Find field and click the magnifying glass to obtain a list of results.
Select an item from the list and click Add. Alternatively, hold down Ctrl to select multiple items, and click Add.
Click Save & Close.
To modify a role:
Select the role.
Modify the role as described in steps 2 through 5 of Creating Roles.
Click Apply to save your changes.
Categories are a hierarchical structure of designations that may be applied to entities, including all of the artifacts stored in a workspace. Categories always exist at the enterprise scope.
Policies establish rules for how the system should behave when certain events occur, based on evaluating the truth of a set of conditions, and then allowing or disallowing a resulting action.
Each policy is triggered by events.
A policy has one or more rules, each of which is triggered by one event.
Each rule contains one or more conditions, which are evaluated as true or false.
Each rule may activate an action, depending on the results of the evaluated conditions.
For more detailed information about policies, see the "Managing Oracle Beehive Events, Policies and Workflows" module of the Oracle Beehive Administrator's Guide.
To access the main Policies view, click Policies in the Enterprise panel.
You can list the existing policies by clicking the Policies tab in the main Policies view. Each policy is listed by name, along with a description and an indication of whether the policy is currently enabled.
You can sort the list of policies by name.
You can review the details of an existing policy. Click a policy from the list of existing policies. Details of the policy are shown in the lower pane.
The following information is shown on the General tab:
The Name of the policy
If a Template was used when creating this policy, that template's name is shown
If the policy is currently enabled, the Enabled checkbox is checked
A Description of the policy
The date and actor associated with the policy creation, and the date and actor associated with the last modification of the policy
To view the rules included in the policy, click the Rules tab.
Click a rule to view information about that rule. The following information is shown:
On the General tab:
The Name of the rule
The rule's Priority; rules are evaluated from lowest to highest integer value of priority
The Event which triggers this rule
The Action to be performed if the event occurs
A Description of the rule
On the Conditions tab:
One or more conditions may be shown. If there are conditions, the conditions must be met for the action shown on the General tab to be triggered
On the Action Preferences tab:
One or more Action Preferences may be listed. Each Action Preference has a name and description
To create a policy:
From the main Policy view, click the New button
In the New Policy window, enter a name and description for the new policy
Click the Rules tab
You must add one or more rules to a policy. Click the Add button to add a new rule. For each new rule, on the New Rule General tab:
Enter a Name and Description for the rule
Select a Priority for the rule. Rules will be evaluated in order of priority, from the lowest to the highest.
Select an Event which will trigger this rule. You can type in an event or click the search icon to pick an event from a list
Select an Action to be triggered when the Event occurs. You can type in an action, or click the search icon to pick an action from a list
For each new rule, on the New Rule Conditions tab, you may optionally add one or more conditions to the rule:
Click Add to add a new condition
Select whether the condition on the left side of the function will be a Function or an Attribute from the first drop-down box
Enter a value on the left side of the equation, or click the list icon to select an attribute from a list
Select an operator from the center drop-down list
Select whether the condition on the right side of the function will be a Function or an Attribute from the second drop-down box
Enter a value on the right side of the equation, or click the list icon to select an attribute from a list
For each new rule, on the New Rule Action Preferences tab, you may optionally add one or more action preferences to the rule:
Click Add to add a new action preference
Enter a name and a value for the new action preference
Click Apply to save your policy but keep the window open for further changes, or click Apply and Close to save your policy and close the New Policy window
To modify a policy:
From the Policies pane, click a policy in the list
Note:
You can edit an existing policy in the lower pane, or, if you prefer, select the policy and choose Edit from the Action drop-down list to edit the policy in a seperate window.On the General tab, you can change the name and description of the policy, and you can enable or disable the policy by clicking the Enabled checkbox
On the Rules tab, you can edit existing rules. Click the rule, and then make changes to it. Click the Add button to add a new rule. For each rule, on the Rule General tab:
Enter or modify the Name and Description for the rule
Select or modify the Priority for the rule. Rules will be evaluated in order of priority, from the lowest to the highest.
Select or modify an Event which will trigger this rule. You can type in an event or click the search icon to pick an event from a list
Select or modify an Action to be triggered when the Event occurs. You can type in an action, or click the search icon to pick an action from a list
For each new or existing rule, on the Rule Conditions tab, you may add or modify conditions for the rule:
Click Add to add a new condition, or click on an existing condition to select it
Select or modify whether the condition on the left side of the function will be a Function or an Attribute from the first drop-down box
Enter or modify a value on the left side of the equation, or click the list icon to select an attribute from a list
Select or modify the operator from the center drop-down list
Select or modify whether the condition on the right side of the function will be a Function or an Attribute from the second drop-down box
Enter or modify a value on the right side of the equation, or click the list icon to select an attribute from a list
For each new or existing rule, on the Rule Action Preferences tab, you may add or modify one or more action preferences to the rule:
Click Add to add a new action preference, or click an existing action preference to select it
Enter or modify a name and a value for each new or existing action preference
Click Apply to save the changes you have made to the existing policy, or click Reset to revert to the previously saved version of the policy. Clicking Reset will remove any changes you have made so far to the policy
Caution:
You should not delete the default policies, as they are required for various Oracle Beehive functions to work properly. The default policies include the Audit Records Management policy, the Validate Password policy, the User Provisioning policy, and the User Deprovisioning policy. If you need to disable any of these policies, you can edit the policy, and de-select the Enabled checkbox.To delete an existing policy:
From the Policies pane, click an existing policy
Click Delete or choose Delete from the Action drop-down list to delete the policy
On the confirmation dialog box, click OK to confirm deletion of the policy
Policies invoke actions based on events and conditions. When you create or edit a rule, you must use one of these actions to define what Oracle Beehive should do when the rule event, and all conditions, are met. You can review the list of default actions.
To view the default action definitions, from the Policies pane, click the Action Definitions tab. Each action definition is listed, along with a description.
Click an action definition to display information about that action definition. In the lower pane, the Name, Description, Type, and Action string are displayed.
Auditing is the act of capturing and evaluating historical records of system events to assess system performance, track user activities, and identify issues, among other goals. The results of effective auditing include timely and informed decisions and actions, especially when resolving security threats or preventing them from occurring. For more detailed information, see "Managing Auditing Policies" in the "Managing Oracle Beehive Events, Policies and Workflows" module of the Oracle Beehive Administrator's Guide.
To access the main Audit view, click Audit in the Enterprises panel.
You can list available audit templates by clicking the Templates tab in the main Audit view. Besides name and description, the following information is also provided:
Enabled: If the audit template is enabled, a checkmark appears next to the template name in the Enabled column.
Note:
A disabled audit template automatically disables all audit policies that reference it.Auditable Events: A list of auditable event types captured by the audit template. If there are more event types associated with the template than the column can show, ... is appended to the end of the list. You can view the complete list by clicking the Auditable Events tab in the Details pane when the appropriate audit template is selected.
You can sort the list of audit templates by name or by description.
To create an audit template:
From the main Audit view, click the Templates tab.
From the New menu, select Audit Template.
On the General tab, enter a unique name for the template. Additionally, enter a brief description of the template.
Choose whether or not the template is enabled. For more information, see Listing Audit Templates.
Click the Auditable Events tab.
Select an auditable event to be captured by this audit template using the arrow buttons. Repeat the step if needed.
Click Save & Close to create the audit template.
You can modify the name, description, enabled status, and associated auditable events of any Oracle Beehive audit template.
To modify an audit template:
From the main Audit view, click the Templates tab.
Select the audit template you want to modify.
From the Actions menu, select Open.
When you have finished, click Save & Close to save your changes and return to the main Audit view.
To delete an audit template:
In the main Audit view, click the Templates tab.
Select the audit template you want to delete.
Click Delete.
Click OK to confirm the operation and delete the selected audit template.
You can list available audit policies by clicking the Policies tab in the main Audit view. Besides name and description, the following information is also provided for each audit policy:
Enabled: If the audit policy is enabled, a checkmark appears next to the policy name in the Enabled column. A disabled audit policy is inactive.
Template: The audit template referenced by the selected policy.
Scope: The audit scope of the selected policy.
Actors: The users and/or groups whose events will be audited by this policy. If this field is empty, the selected audit policy will affect all users by default. For more information, see About Entities, Actors, and Artifacts.
Oracle Beehive comes with a predefined set of audit policies out of the box. However, you can also create your own audit policies from scratch or based on a specified audit template.
When you create an audit policy, you must assign it an audit template and a scope.
To create an audit policy from scratch:
In the main Audit view, click the Policies tab.
Click New.
On the General tab, enter a unique name for the audit policy. Additionally, enter a brief description of the audit policy.
Select an audit template and an audit scope for the policy. For more information, see Listing Audit Policies.
Choose whether or not the audit policy is enabled. Disabled audit policies are inactive.
Click the Users tab and select the users to be audited by this policy. Click the Groups tab and select the groups to be audited by this policy. For more information, see Listing Audit Policies.
Click Save & Close to create your audit policy and exit the New Audit Policy dialog.
For convenience and ease of use, you can create an audit policy directly from an audit template.
To create an audit policy from a specific audit template:
In the main Audit view, click the Templates tab.
Select an audit template.
From the New menu, select Audit Policy from Template.
Enter all information for the policy as described in Creating an Audit Policy From Scratch.
You can modify any audit policy you have created by double-clicking the audit policy in the main Audit view and following the steps described in Creating Audit Policies.
You can delete any audit policy you have created by selecting the audit policy in the main Audit view and clicking Delete from the Toolbar. To delete multiple audit policies at once, hold down Ctrl while making your selections. You will be prompted to confirm the deletion or deletions.
You can search the system for audit templates or policies.
To search for audit templates or policies:
If you want to search for audit templates, click the Templates tab. Alternatively, if you want to search for audit policies, click the Policies tab.
Enter a search string in the Find field. For more information, see Performing Simple Searches.
Click the Search button.
Click the Clear button to reset the pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
The Audit Repository contains all audited events. Auditors can search the repository for specific records and create audit trails from the search results. For more information, see Creating Audit Trails.
To search the audit repository for records:
In the main Audit view, click the Repository tab.
Enter a search string in the Find field. For more information, see Performing Simple Searches. The following attributes are available for searching:
Table 3-1 Audit Record Search Attributes
| Search Attribute | Description |
|---|---|
|
actor |
The actor that caused the audited event(s) |
|
event |
The audit event type |
|
range |
The date range in which the audited event(s) occurred |
|
service |
The type of component used to cause the audited event, for example, calendar or email |
|
entityId |
The identifier of the entity on which the actor is performing the action |
|
activity |
The action performed by the actor |
Click the Search button. Your search results appear in the main window.
Click the Clear button to reset the pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
When you click the Repository tab in the main Audit view, you will see a list of audit records. Clicking an audit record brings up information about the record in the Details pane. Because audit records cannot be modified, they appear as read-only in the display.
When you click the Trails tab in the main Audit view, you will see a list of audit trails. The attributes for each audit trail are listed in the appropriate column:
Name (name)
Description (description)
Last Record ID: Lists the sequence ID of the last audit record in the audit trail.
Record Count: Lists the number of records in the audit trail.
Host ID (host): Lists the host identifier of the Oracle Beehive server from where the audit trail is generated.
Instance Name (instance): Lists the instance identifier of the application server from where the audit trail is generated.
Oracle Home (oraclehome): Lists the <Oracle Home> property value from where the audit trail is generated.
Note:
Each parenthetical value represents the equivalent search attribute for the associated audit trail attribute. For more information, see Searching for Audit Trails and Performing Simple Searches.There are different ways to create an audit trail:
You can search the repository for a set of records and add any or all of the search results to an audit trail. This approach is preferable when you want to create an audit trail based on a relatively small number of records and you have enough information to perform a well-defined search that does not return large numbers of irrelevant results.
To create an audit trail from a repository search:
Determine the criteria for the audit records you want to add to your audit trail.
Perform a search for audit records using the steps described in Searching the Audit Repository.
Holding down Ctrl, select the desired audit records.
From the Toolbar, click New.
Enter a unique name for the audit trail. Optionally, enter a description.
Optionally, click the Member Records tab and add additional audit records to the audit trail.
Click Save & Close to create the audit trail and return to the main Audit view.
You can create an audit trail based on a specific set of filters. Only audit records that satisfy your filters will be added to the audit trail. This approach is preferable when you want to create an audit trail based on a large number of records.
To create an audit trail using filter conditions:
In the main Audit view, click New on the Toolbar.
Enter a unique name for the audit trail. Optionally, enter a description.
Add filters to the audit trail:
Click the User Filter tab and add one or more users to the filter.
Click the Group Filter tab and add one or more groups to the filter.
Click the Entity Filter tab and add one or more entities to the filter.
Click Apply to apply your filters to the audit trail.
Click the Member Records tab to view all audit records in the audit trail that match your filter conditions. Optionally, you can manually add audit records to the audit trail.
Click Save & Close to create the audit trail and return to the main Audit view.
Note:
To be included in the audit trail, an audit record must satisfy all specified filters.You can modify any audit trail you have created by double-clicking the audit trail in the main Audit view and following the steps described in Creating Audit Trails.
You can delete any audit trail you have created by selecting the audit trail in the main Audit view and clicking Delete from the Toolbar. To delete multiple audit trails at once, hold down Ctrl while making your selections. You will be prompted to confirm the deletion or deletions.
You can export an audit trail in XML format by selecting the audit trail in the main Audit view and clicking Export from the Toolbar. You will be prompted to provide a file name and a directory path for the export.
You can validate an audit trail to ensure that all its audit records are authentic and have not been compromised in any way.
To validate an audit trail:
In the main Audit view, click the Trails tab.
Select an audit trail and click Validate. You will be prompted to confirm the validation attempt.
If the validation is successful, a confirmation dialog will appear, indicating that the selected audit trail is valid and authentic.
If the validation is unsuccessful, an error dialog will appear, indicating that the selected audit trail is invalid and listing the audit records that caused the validation attempt to fail.
You can search the system for audit trails.
To search the system for audit trails:
In the main Audit view, click the Trails tab.
Enter a search string in the Find field. For more information, see Performing Simple Searches.
Click the Search button.
Click the Clear button to reset the pane and repeat the search with a new string.
Alternatively, perform an advanced search by following the steps described in Performing Advanced Searches.
|
 Copyright © 2008, 2009, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|