Oracle® Audit Vault Administrator's Guide Release 10.2.3.2 Part Number E14459-11 |
|
|
PDF · Mobi · ePub |
Use the Audit Vault IBM DB2 Database (AVDB2DB
) command-line utility to manage the relationship between Oracle Audit Vault an IBM DB2 source database and DB2 collector. When you run these commands, remember the following:
Enter the command in lowercase letters. The commands are case-sensitive.
On UNIX systems, when you open a new shell to run a command, first set the appropriate environment variables. See Section 2.2.2 and Section 2.2.3 for more information.
On Microsoft Windows systems, do not set any environment variables. Instead, run the command from the Audit Vault Server or collection agent ORACLE_HOME
\bin
directory.
Oracle Audit Vault creates a log file of AVDB2DB command activity. See Section A.1 and Section A.2 for more information.
Table 11-1 describes the AVDB2DB
commands and where each is used, whether on the Audit Vault Server, on the Audit Vault collection agent, or in both places.
Table 11-1 AVDB2DB Commands
Command | Where Used? | Description |
---|---|---|
Server |
Adds a collector to Oracle Audit Vault |
|
Server |
Registers an audit source with Oracle Audit Vault |
|
Server |
Alters the attributes of a collector |
|
Server |
Alters the attributes of a source |
|
Server |
Drops a collector from Oracle Audit Vault |
|
Server |
Drops a source from Oracle Audit Vault |
|
Both |
Displays help information for the |
|
Both |
Verifies that the source is compatible with the collectors |
The AVDB2DB
command-line utility, which you use to configure an IBM DB database with Oracle Audit Vault.
Syntax
avdb2db command -help avdb2db command [options] arguments
Arguments
Argument | Description |
---|---|
command |
Enter one of the commands listed in Table 11-1. |
arguments |
Enter one or more of the AVDB2DB command arguments. |
-help |
Displays help information for the AVDB2DB commands |
Usage Notes
Issuing an AVDB2DB
command generates the following log file: $ORACLE_HOME/av/log/
srcname-
db2db
-#
.log
. The #
is a generation number that starts from 0 (zero) and increases once the file size reaches the 100 MB limit.
The avdb2db add_collector
command adds a collector for the given IBM DB2 source database to Oracle Audit Vault. Oracle Audit Vault verifies the source database for the collector requirements.
Where to Run This Command
Audit Vault Server:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2.
Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME
\bin
directory.
Syntax
avdb2db add_collector -srcname srcname -agentname agentname [-collname collname] [-desc desc]
Arguments
Argument | Description |
---|---|
-srcname srcname |
Enter the source database name for which the collector is to be added. Remember that the source database name is case-sensitive.
Typically, the host is the fully qualified domain name or IP address of the server on which the IBM DB2 source database is running, and the port number is 50000. |
-agentname agentname |
Enter the name of the collection agent that was created when you ran the avca add_agent command. (In most cases, this is the agent that you created when you installed the Audit Vault collection agent, as described in Oracle Audit Vault Collection Agent Installation Guide.)
If you are not sure of the agent name, then you can find it as follows: Log in to the Audit Vault Console, click the Configuration tab, and then click the Agent tab to display the Agents page. The name of the agent is displayed in the Agent column. |
-collname collname |
Create a name for the DB2 collector. Optional. If you do not create a name, Oracle Audit Vault names the collector DB2_Coll . |
-desc desc |
Enter a brief description of the collector. Optional. |
Usage Notes
Run any collector-specific preparation scripts before you execute the avdb2db
add_collector
command.
The avdb2db add_collector
command prompts for a user name and password. This user account must have privileges to run the IBM DB2 db2audit
command (for example, a user who has the sysadmin
privilege).
Example
The following example shows how to add an DB2 collector to Oracle Audit Vault on Linux and UNIX platforms.
avdb2db add_collector -srcname db2db4 -agentname agent1 Enter a username : source_user_name Enter a password : password ***** Collector Added Successfully*****
The avdb2db add_source
command registers an IBM DB2 source database with Oracle Audit Vault for audit data consolidation.
Where to Run This Command
Audit Vault Server:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2.
Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME
\bin
directory.
Syntax
avdb2db add_source -src host:port -srcname srcname [-desc desc]
Arguments
Argument | Description |
---|---|
-src host : port
or
|
Enter the source database connection information, using one of the following:
Enter the host name, port number, and optional database name separated by a colon. Typically, the host is the fully qualified domain name or IP address of the server on which the IBM DB2 source database is running, and the port number is 50000. |
-srcname srcname |
Create a name to associate with this source database. Remember that the source database name is case-sensitive. Oracle Audit Vault uses this name to connect to the IBM DB2 source database. |
-desc desc |
Enter a brief description of the source database. Optional. |
Usage Notes
The avdb2db add_source
command prompts for a user name and password. This user account must have privileges to run the IBM DB2 db2audit
command (for example, a user who has the sysadmin
privilege).
Example
The following example shows how to register a source with Oracle Audit Vault.
avdb2db add_source -src lnxserver:50000 -srcname db2db4 -desc 'HR Database' Enter a username : source_user_name Enter a password : password ***** Source Verified ***** ***** Source Added Successfully *****
The avdb2db alter_collector
command modifies the attributes of a DB2 collector.
Where to Run This Command
Audit Vault Server:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2.
Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME
\bin
directory.
Syntax
avdb2db alter_collector -srcname srcname -collname collname [attrname=attrvalue...attrname=attrvalue]
Arguments
Argument | Description |
---|---|
-srcname srcname |
Enter the name of the source database to which this collector belongs. Remember that the source database name is case-sensitive. |
-collname collname |
Enter the name of the collector to be modified. |
attrname = attrvalue |
Enter the attribute pair (attribute name, new attribute value) for mutable collector property and attributes for this collector type. This argument is optional.
Enclose the attribute value in double quotation marks. For multiple values, enclose the entire set in double quotation marks and separate each value with a space. For example: ...="value1 value2 value3" |
Usage Notes
You can modify one or more collector attributes at a time. Table 11-2 lists the collector attributes, whether the parameter is mutable, its default value, and a brief description. You can enter these settings in any case; they not case sensitive.
Table 11-2 DB2 Collector Attributes
Attribute | Description | Mutable | Default Value |
---|---|---|---|
|
The description for this collector |
Yes |
|
|
Number of connections to the database |
No |
|
|
The delay time (in milliseconds) of the collector |
Yes |
|
|
The maximum number of records to be fetched by the collector |
Yes |
|
|
The location of the directory where the DB2 collector will look for files to collect audit records from, or the location to which the DB2 extraction utility writes the text files. Enter an absolute path only, not a relative path. |
Yes |
|
Examples
The following example shows how to alter the NO_OF_RECORDS
attribute and the collector description for the DB2Collector
collector in Oracle Audit Vault:
avdb2db alter_collector -srcname db2db4 -collname DB2Collector NO_OF_RECORDS=1500 DESCRIPTION="IBM DB2 collector 9" ***** Collector Altered Successfully *****
The avdb2db alter_source
command modifies the attributes of an IBM DB2 source database.
Where to Run This Command
Audit Vault Server:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2.
Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME
\bin
directory.
Syntax
avdb2db alter_source -srcname srcname [attrname=attrvalue...attrname=attrvalue]
Arguments
Argument | Description |
---|---|
-srcname srcname |
Enter the name of the source database to be modified. Remember that the source database name is case-sensitive. |
attrname = attrvalue |
Enter the attribute pair (attribute name, new attribute value) for mutable source properties and attributes for this source type. This argument is optional. Separate multiple pairs by a space on the command line. See Table 11-3 for more information. |
Usage Notes
Table 11-3 lists the source database attributes, a brief description of the attribute, whether the attribute is mutable, and the default value. You can modify one or more source attributes at a time.
Table 11-3 Source Attributes
Attribute | Description | Mutable | Default Value |
---|---|---|---|
|
The source type name for this source database. The default name is DB2DB. |
No |
|
|
The name for this source database. |
No |
|
|
The source database host name. |
No |
|
|
The source database host IP address. |
No |
|
|
The source database version. |
Yes |
|
|
A new description for this source database. |
Yes |
|
|
A new port number for this system where the source database audit data resides |
Yes |
None |
Example
The following example shows how to alter the DESCRIPTION
attribute for the source database named db2db4
in Oracle Audit Vault:
avdb2db alter_source -srcname db2db4 DESCRIPTION="HR Database" ***** Source Altered Successfully *****
The avdb2db drop_collector
command disables (but does not remove) a DB2 collector from Oracle Audit Vault.
Where to Run This Command
Audit Vault Server:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2.
Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME
\bin
directory.
Syntax
avdb2db drop_collector -srcname srcname -collname collname
Arguments
Argument | Description |
---|---|
-srcname srcname |
Enter the name of the source database to which the collector (specified in the -collname argument) belongs. Remember that the source database name is case-sensitive. |
-collname collname |
Enter the name of the collector to be dropped from Oracle Audit Vault. |
Usage Notes
The drop_collector
command does not delete the collector from Oracle Audit Vault. It only disables the collector. The collector metadata is still in the database after you run the drop_collector
command. If you want to recreate the collector, create it with a different name.
Example
The following example shows how to drop a collector named DB2Collector
from Oracle Audit Vault:
avdb2db drop_collector -srcname db2db4 -collname DB2Collector ***** Collector Dropped Successfully *****
The avdb2db drop_source
command disables (but does not remove) an IBM DB2 source database from Oracle Audit Vault.
Where to Run This Command
Audit Vault Server:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2.
Microsoft Windows: Go to the Audit Vault Server ORACLE_HOME
\bin
directory.
Syntax
avdb2db drop_source -srcname srcname
Arguments
Argument | Description |
---|---|
-srcname srcname |
Enter the name of the source database to be dropped from Oracle Audit Vault. Remember that the source database name is case-sensitive. |
Usage Notes
The drop_source
command does not delete the source database from Oracle Audit Vault. It only disables the source database definition in Oracle Audit Vault. The source database metadata is still in the database after you run the drop_source
command. If you want to re-create the source database definition, create it with a different name.
You cannot drop a source database if there are any active collectors for this source. You must drop all collectors associated with the source database before you can run the drop_source
command on it.
Example
The following example shows how to drop the source named db2db4
from Oracle Audit Vault:
avdb2db drop_source -srcname db2db4 ***** Drop Source Successfully *****
The avdb2db -help
command displays help information for the AVDB2DB
commands.
Where to Run This Command
Either Audit Vault Server and collection agent:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2 for Audit Vault Server or Section 2.2.3 for the collection agent.
Microsoft Windows: Go to the Audit Vault Server or collection agent ORACLE_HOME
\bin
directory.
Syntax
avdb2db -help
avdb2db command -help
Arguments
Argument | Description |
---|---|
command |
Enter the name of an AVDB2DB command for which you want help to appear. |
Usage Notes
None
Example
The following example shows how to display general AVDB2DB
utility help in Oracle Audit Vault:
avdb2db -help
The following example shows how to display specific AVDB2DB
help for the add_source
command in the Audit Vault Server home.
avdb2db add_source -help avdb2db add_source command add_source -src <host:port> -srcname <srcname> [-desc <desc>] Purpose: The source is added to Audit Vault. Arguments: -src : Source DB connection information -srcname : Name of a source -desc : Optional description of the source Examples: avdb2db add_source -src lnxserver:50000 -desc 'HR Database'
The avdb2db verify
command verifies that the IBM DB2 source database is compatible for setting up the specified collectors.
Where to Run This Command
Either Audit Vault Server and collection agent:
UNIX: Set the appropriate environment variables, as described in Section 2.2.2 for Audit Vault Server or Section 2.2.3 for the collection agent.
Microsoft Windows: Go to the Audit Vault Server or collection agent ORACLE_HOME
\bin
directory.
Syntax
avdb2db verify -src host:port:database_name
Arguments
Argument | Description |
---|---|
-src host : port : database_name |
Enter the source database connection information: host name and port number, separated by a colon.
Typically, the host is the fully qualified domain name or IP address of the server on which the IBM DB2 source database is running, and the port number is 50000. The |
Usage Notes
The avdb2db verify
command checks the following:
Whether the version of the database is supported: Versions 8.2 through 9.5
Whether the source user has the required privileges in the source database that is to be registered with Oracle Audit Vault
Whether auditing is enabled in the source database
Whether the operating system on which the source database is running is supported
If you installed the collection agent on a Microsoft Windows computer and want to run the avdb2db verify
command from there, run it from the ORACLE_HOME
\bin
directory. For UNIX or Linux installations, set the appropriate environment variables before running this command. See Section 2.2 for more information.
The avdb2db verify
command prompts for a user name and password. This user account must have privileges to run the IBM DB2 db2audit
command (for example, a user who has the sysadmin
privilege).
Example
The following example verifies that the source database is compatible with the DB2 collector on a Linux or UNIX system.
avdb2db verify -src 192.0.2.7:50000:sales_db Enter a username : source_user_name Enter a password : password ***** Source Verified *****