Skip Headers
Oracle® Audit Vault Administrator's Guide
Release 10.2.3.2
Part Number E14459-11
Home
Book List
Index
Contact Us
Next
PDF
·
Mobi
·
ePub
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in Oracle Audit Vault for Administrators?
Oracle Audit Vault Release 10.2.3.2 New Features
Oracle Audit Vault Release 10.2.3.1 New Features
1
Introducing Oracle Audit Vault for Administrators
1.1
How Do Administrators Use Oracle Audit Vault?
1.2
General Steps for Administering Oracle Audit Vault
1.2.1
Step 1: Understand the Oracle Audit Vault Architecture
1.2.2
Step 2: Plan the Oracle Audit Vault Source Database and Collector Configuration
1.2.3
Step 3: Configure Collectors to Collect Audit Data
1.2.4
Step 4: Monitor and Maintain the Audit Record Collection Process
1.3
Components of Oracle Audit Vault
1.3.1
Source Databases
1.3.2
Oracle Audit Vault Server
1.3.2.1
General Oracle Audit Vault Server Components
1.3.2.2
Default Oracle Audit Vault Server Port Numbers
1.3.3
Oracle Database Vault
1.3.4
Audit Vault Collection Agent and Collectors
1.3.4.1
What Are Collection Agents and Collectors?
1.3.4.2
General Audit Vault Collection Agent and Collector Components
1.3.4.3
Default Audit Vault Collection Agent and Collector Port Numbers
1.3.5
How the Oracle Audit Vault Components Work Together
1.4
Administrative Tools for Managing Oracle Audit Vault
1.5
Default Oracle Audit Vault Roles
1.6
Planning the Source Database and Collector Configuration
1.6.1
About Planning the Source Database and Collector Configuration
1.6.2
Planning the Oracle Source Database and Collector Configuration
1.6.3
Planning the Microsoft SQL Server Source Database and Collector Configuration
1.6.4
Planning the Sybase ASE Source Database and Collector Configuration
1.6.5
Planning the IBM DB2 Source Database and Collector Configuration
2
Registering Source Databases and Collectors
2.1
General Steps for Adding Sources and Deploying Collectors
2.2
Checking and Setting Environment Variables
2.2.1
About Checking and Setting Linux and UNIX Environment Variables
2.2.2
Setting the Audit Vault Server Linux and UNIX Environment Variables
2.2.3
Setting the Collection Agent Linux and UNIX Environment Variables
2.2.4
Using Oracle Audit Vault in a Microsoft Windows Environment
2.2.5
Setting the Oracle Source Database Linux and UNIX Environment Variables
2.3
Registering Oracle Database Sources and Collectors
2.3.1
Step 1: Create a User Account on the Oracle Source Database
2.3.2
Step 2: Verify That the Source Database Is Compatible with the Collectors
2.3.3
Step 3: Register the Oracle Source Database with Oracle Audit Vault
2.3.4
Step 4: Add the Oracle Collectors to Oracle Audit Vault
2.3.5
Step 5: Enable the Audit Vault Agent to Run the Oracle Database Collectors
2.4
Registering Microsoft SQL Server Database Sources and Collector
2.4.1
Step 1: Download the Microsoft SQL Server JDBC Driver
2.4.2
Step 2: Create a User Account on the Microsoft SQL Server Database Instance
2.4.3
Step 3: Verify That the Database Instance Is Compatible with the Collector
2.4.4
Step 4: Register the SQL Server Source Database Instance with Audit Vault
2.4.5
Step 5: Add the MSSQLDB Collector to Oracle Audit Vault
2.4.6
Step 6: Enable the Audit Vault Agent to Run the MSSQLDB Collector
2.4.7
Step 7: Optionally, Schedule an Audit Trail Cleanup for SQL Server Audit Files
2.5
Registering Sybase ASE Database Sources and Collector
2.5.1
Step 1: Download the jConnect for JDBC Driver
2.5.2
Step 2: Create a User Account on the Sybase ASE Source Database
2.5.3
Step 3: Verify That the Source Database Is Compatible with the Collector
2.5.4
Step 4: Register the Sybase ASE Source Database with Oracle Audit Vault
2.5.5
Step 5: Add the SYBDB Collector to Oracle Audit Vault
2.5.6
Step 6: Enable the Audit Vault Agent to Run the SYBDB Collector
2.6
Registering IBM DB2 Database Sources and Collector
2.6.1
Step 1: Copy the DB2 JDBC and SQLJ Driver to the Audit Vault Homes
2.6.2
Step 2: Designate a User Account on the IBM DB2 Source Database
2.6.3
Step 3: Verify That the Source Database Is Compatible with the Collector
2.6.4
Step 4: Register the IBM DB2 Source Database with Oracle Audit Vault
2.6.5
Step 5: Add the DB2 Collector to Oracle Audit Vault
2.6.6
Step 6: Convert the Binary DB2 Audit File to an ASCII Text File
2.6.6.1
Step 7A: Complete the Preparation Steps
2.6.6.2
Step 7B: Run the Conversion Script
2.7
Starting the Collection Agents
2.7.1
Starting the Oracle Audit Vault Release 10.2.3.2 Collection Agents
2.7.2
Starting the Oracle Audit Vault Release 10.2.3.1 or Earlier Collection Agents
2.8
Starting the Collectors
2.8.1
Starting the Collectors from the Audit Vault Console
2.8.2
Starting the Collectors from the Audit Vault Server
2.9
Checking the Status of the Collectors
2.9.1
Checking the Status of Collectors from the Audit Vault Console
2.9.2
Checking the Status of Collectors from a Command Line
2.10
Checking If the Collectors Are Collecting Audit Records
3
Managing Oracle Audit Vault
3.1
About Managing Oracle Audit Vault
3.2
Managing the Audit Vault Server
3.2.1
About Managing the Audit Vault Console
3.2.2
Checking the Audit Vault Console Status
3.2.3
Starting and Logging into the Audit Vault Console
3.2.4
Stopping the Audit Vault Server Console
3.2.5
Globally Disabling and Enabling Alert Settings
3.2.6
Viewing Audit Event Categories
3.2.7
Viewing Operational Errors That Oracle Audit Vault Catches
3.3
Altering Collector Properties and Attributes
3.3.1
About Collector Properties and Attributes
3.3.2
Altering Collector Properties and Attributes Using the Audit Vault Console
3.3.3
Altering Collector Properties and Attributes from a Command Line
3.4
Managing the Oracle Audit Vault Data Warehouse
3.4.1
About Managing the Oracle Audit Vault Data Warehouse
3.4.2
Setting the Audit Vault Data Warehouse Retention Period
3.4.2.1
About Setting a Retention Period
3.4.2.2
Creating a Retention Period Using the Audit Vault Console
3.4.2.3
Creating a Retention Period from a Command Line
3.4.3
Loading Data to the Oracle Audit Vault Data Warehouse
3.4.3.1
About Loading Data into the Oracle Audit Vault Warehouse
3.4.3.2
Loading Data Warehouse Data Using the Audit Vault Console
3.4.3.3
Loading Data Warehouse Data from a Command Line
3.4.4
Purging Data from the Oracle Audit Vault Data Warehouse
3.4.4.1
About Purging the Oracle Audit Vault Data Warehouse
3.4.4.2
Purging Data Warehouse Data Using the Audit Vault Console
3.4.4.3
Purging Data Warehouse Data from a Command Line
3.5
Altering Source Database Attributes
3.5.1
About Source Database Attributes
3.5.2
Altering Source Database Attributes Using the Audit Vault Console
3.5.3
Altering Source Database Attributes from a Command Line
3.6
Configuring E-Mail Notifications
3.6.1
About E-Mail Notification Usage with Oracle Audit Vault
3.6.2
Configuring the E-Mail Notification Service
3.7
Configuring Oracle Audit Vault for the Remedy Trouble Ticket System
3.7.1
About Using the Remedy Trouble Ticket System with Oracle Audit Vault
3.7.2
Configuring the Remedy Trouble Ticket Server Connection
3.8
Removing Source Databases from Oracle Audit Vault
3.8.1
About Removing Source Databases from Oracle Audit Vault
3.8.2
Removing a Source Database Using the Audit Vault Console
3.8.3
Removing a Source Database from a Command Line
4
Administering the Oracle Audit Vault Repository
4.1
About the Administrative Tasks in This Chapter
4.2
Monitoring the Audit Vault Server SYSAUX Tablespace Space Usage
4.3
Monitoring Audit Vault Server Archive Log Disk Space Usage
4.4
Monitoring the Audit Vault Server Flash Recovery Area
4.5
Managing Oracle Audit Vault Backup and Recovery Operations
4.5.1
Backing Up the Database
4.5.2
Backing Up Audit Vault Server Home and Audit Vault Collection Agent Home
4.6
Managing the Audit Vault Console in an Oracle RAC Configuration
4.7
Using a Collection Agent to Listen to Oracle RAC Nodes
4.8
Configuring Collection Agent Connectivity for Oracle RAC
4.9
Changing the Port Numbers Used by Oracle Audit Vault
4.9.1
Changing Port Numbers for the Audit Vault Server
4.9.1.1
Changing the Audit Vault Server Listener Port Number
4.9.1.2
Changing the Audit Vault Console HTTP Port Number
4.9.1.3
Changing the Oracle Enterprise Manager Database Control Port Number
4.9.1.4
Changing the Audit Vault PL/SQL Gateway Port Number
4.9.2
Changing Port Numbers for the Audit Vault Collection Agents
4.9.2.1
Changing the Collection Agent HTTP Port Number
4.9.2.2
Changing the Collection Agent RMI and JMS Port Numbers
4.9.3
Changing Port Numbers for the Oracle Source Database
4.10
Purging the Oracle Source Database Audit Trail
4.10.1
About Purging the Oracle Source Database Audit Trail
4.10.2
Scheduling an Automated Purge Job for an Oracle Audit Vault Environment
4.11
Purging the Oracle Audit Vault Repository Audit Trail
5
Managing Oracle Audit Vault Security
5.1
About Managing Oracle Audit Vault Security
5.2
Managing Oracle Audit Vault User Accounts
5.3
Managing Authentication Metadata Using Oracle Advanced Security
5.4
Changing Oracle Audit Vault User Passwords on a Regular Basis
5.4.1
About Oracle Audit Vault User Passwords
5.4.2
Changing the AV_ADMIN User Password
5.4.3
Changing the AV_AGENT Password
5.4.4
Changing the Source User Password
5.4.5
Changing the AV_AUDITOR Password
5.4.6
Ensuring That All Changed User Name Passwords Work Correctly
5.5
Using Oracle Database Vault within Oracle Audit Vault
5.6
Configuring HTTPS and SSL Communication for Oracle Audit Vault
5.6.1
About Configuring HTTPS and SSL Communication for Oracle Audit Vault
5.6.2
Step 1: Generate the Keystore
5.6.3
Step 2: Create an Audit Vault Agent Keystore by Using the keytool Utility
5.6.4
Step 3: Secure the XDB Services
5.6.5
Step 4: Secure Audit Vault Server
5.6.6
Step 5: Secure Audit Vault Agent
5.7
Updating XDB Certificates
6
Audit Vault Configuration Assistant (AVCA) Reference
6.1
add_agent
6.2
alter_remedy
6.3
alter_smtp
6.4
create_credential
6.5
create_wallet
6.6
deploy_av
6.7
disable_remedy
6.8
disable_smtp
6.9
drop_agent
6.10
enable_remedy
6.11
enable_smtp
6.12
generate_csr
6.13
-help
6.14
import_cert
6.15
redeploy
6.16
register_remedy
6.17
register_smtp
6.18
remove_cert
6.19
secure_agent
6.20
secure_av
6.21
secure_remedy
6.22
secure_smtp
6.23
set_server_tz
6.24
set_warehouse_retention
6.25
show_remedy_config
6.26
show_server_tz
6.27
show_smtp_config
6.28
test_remedy
6.29
test_smtp
7
Audit Vault Control (AVCTL) Reference
7.1
-help
7.2
load_warehouse
7.3
purge_warehouse
7.4
show_agent_status
7.5
show_av_status
7.6
show_collector_status
7.7
show_remedy_status
7.8
show_smtp_status
7.9
start_agent
7.10
start_av
7.11
start_collector
7.12
stop_agent
7.13
stop_av
7.14
stop_collector
7.15
AVCTL Commands Used for Release 10.2.3.1 Collection Agents
7.15.1
show_oc4j_status
7.15.2
start_oc4j
7.15.3
stop_oc4j
8
Audit Vault Oracle Database (AVORCLDB) Utility Commands
8.1
avorcldb
8.2
add_collector
8.3
add_source
8.4
alter_collector
8.5
alter_source
8.6
drop_collector
8.7
drop_source
8.8
-help
8.9
setup
8.10
verify
9
Audit Vault SQL Server (AVMSSQLDB) Utility Commands
9.1
avmssqldb
9.2
add_collector
9.3
add_source
9.4
alter_collector
9.5
alter_source
9.6
drop_collector
9.7
drop_source
9.8
-help
9.9
setup
9.10
verify
10
Audit Vault Sybase ASE (AVSYBDB) Utility Commands
10.1
avsybdb
10.2
add_collector
10.3
add_source
10.4
alter_collector
10.5
alter_source
10.6
drop_collector
10.7
drop_source
10.8
-help
10.9
setup
10.10
verify
11
Audit Vault IBM DB2 (AVDB2DB) Utility Commands
11.1
avdb2db
11.2
add_collector
11.3
add_source
11.4
alter_collector
11.5
alter_source
11.6
drop_collector
11.7
drop_source
11.8
-help
11.9
verify
12
REDO Collector Database Reference
12.1
About the Recommended Settings for the REDO Collector
12.2
Recommended Oracle Streams Supplemental Logging
12.3
Oracle Database 11
g
Release 2 (11.2) Audit Source Parameter Recommendations
12.4
Oracle Database 11
g
Release 1 (11.1) Audit Source Parameter Recommendations
12.5
Oracle Database 10
g
Release 2 (10.2) Audit Source Parameter Recommendations
12.6
Oracle Database 10
g
Release 1 (10.1) Audit Source Parameter Recommendations
12.7
Oracle9
i
Database Release 2 (9.2) Audit Source Parameter Recommendations
A
Troubleshooting an Oracle Audit Vault System
A.1
Location of Audit Vault Server Log and Error Files
A.2
Location of Audit Vault Collection Agent Log and Error Files
A.3
Troubleshooting Tips
A.3.1
Checking Trace Files for Detailed Information About Oracle Database Errors
A.3.2
Troubleshooting Audit Vault Server
A.3.2.1
Tuning Audit Vault Server Performance for the REDO Collector
A.3.3
Troubleshooting Audit Vault Collection Agent
A.3.3.1
Blank Status on Windows Services Panel for Audit Vault Agent
A.3.3.2
Debugging a Collection Agent Problem
A.3.3.3
The Agent OC4J or Audit Vault Console OC4J Failing to Start
A.3.3.4
Failed Source Database Connection Due to Invalid Wallet Credentials
A.3.4
Troubleshooting the Audit Vault Collectors
A.3.4.1
ORA-01031 Error When You Try to Create a an Oracle Database Collector
A.3.4.2
Oracle Source Database DBAUD Log Errors When Starting DBAUD Collector
A.3.4.3
DBAUD Collector Does Not Start and the Listener Is Not Available
A.3.4.4
Not Sure if the DBAUD and OSAUD Collectors Are Working
A.3.4.5
ORA-01017 Error When You Try to Start the DBAUD or REDO Collectors
A.3.4.6
MSSQLDB, SYBDB, or DB2 Collector Log Indicates Jar File Is Missing
A.3.4.7
Collector Unable to Connect to the Source Database
A.3.4.8
Failure of the Computer on Which a Collector Resides
A.3.4.9
DB2 Collector Connection Being Denied Due to Lack of License
A.3.5
Troubleshooting Oracle Audit Vault Console
A.3.5.1
Audit Vault Console Not Appearing in the Web Browser
A.3.5.2
Audit Vault Console Problem Requiring Debugging
A.3.5.3
Oracle RAC Node Containing the Audit Vault Console Becomes Disabled
A.3.6
Troubleshooting the Oracle Audit Vault Audit Reports
A.3.6.1
Oracle Audit Vault Reports Not Displaying
A.3.6.2
Oracle Audit Vault Reports Not Showing Any Data
A.3.6.3
Not Sure if Audit Data Is Appearing in the Data Warehouse
A.3.6.4
Advanced Alerts Unable to Fire and New Alerts Cannot Be Created
A.3.7
Troubleshooting Oracle Audit Vault in an Oracle Real Application Clusters Environment
A.3.7.1
avca drop_agent Command Failing
B
Oracle Audit Vault Error Messages
B.1
Audit Vault Server Error Messages
B.1.1
Generic Error Codes
B.1.2
Source Database and Event Error Codes
B.1.3
Collector Error Codes
B.1.4
Attribute Definition Error Codes
B.1.5
Alert Error Codes
B.1.6
Server-Side Audit Service Error Messages
B.1.7
Data Warehouse Error Messages
B.1.8
Other Audit Vault Policy Error Messages
B.2
Oracle Audit Vault Client Error Messages
B.2.1
General Error Messages
B.2.2
CSDK Error Messages
B.2.3
Command-Line Interface Error Messages
B.2.4
OSAUD Collector Error Messages
B.2.5
DBAUD Collector Error Messages
Glossary
Index
Scripting on this page enhances content navigation, but does not change the content in any way.