With Oracle Fusion Middleware 11g, you have the option of setting up the Oracle Fusion Middleware Audit Framework service, which provides a centralized audit framework for middleware products.
The framework provides audit service for the following:
Middleware Platform - Includes Java components, such as Oracle Platform Security Services (OPSS) and Oracle Web Services, that are leveraged by applications deployed in the middleware. Indirectly, all deployed applications leveraging these Java components benefit from the audit framework auditing events that occur at the platform level.
JavaEE applications - The objective is to provide a framework for JavaEE applications, starting with Oracle's own Java components. JavaEE applications will be able to create application-specific audit events. In the current release, the Java EE components using the Oracle Fusion Middleware Audit Framework are internal Oracle components.
System components - For system components in the middleware that are managed by Oracle Process Manager and Notification Server (OPMN), the audit framework also provides an end-to-end service similar to that for Java components.
See the "Introduction to Oracle Fusion Middleware Audit Framework" chapter in the Oracle Fusion Middleware Application Security Guide for more introductory information about Oracle Fusion Middleware Audit Framework.
Out of the box, Audit Framework uses the file system to store audit records. In a production environment, however, Oracle recommends that you use a database audit store to provide scalability and high availability for the audit framework. In high availability configurations, Oracle recommends that you use an Oracle Real Application Clusters (Oracle RAC) database as the database audit store.
See "Configuring and Managing Auditing" in the Oracle Fusion Middleware Application Security Guide to configure auditing.
When you set up Audit Framework with an Oracle RAC database audit store, you must manually configure the following:
Data sources and multi data sources for the audit data source using WebLogic Server
The JDBC string for the OPMN loader in the opmn.xml file
The following sections provide additional information specific to configuring auditing when an Oracle RAC database is used as the audit data store.
To set up the audit data source and multi data sources for an Oracle RAC database, see "Managing the Audit Store" in the Oracle Fusion Middleware Application Security Guide. Use the information in the "Set Up Audit Data Sources" section to set up the audit data sources and the information in the "Multiple Data Sources" section to configure an Oracle RAC database as the audit data store.
Follow the "Set Up Audit Data Sources" section to set up the audit data sources. To use an Oracle RAC database as the audit data store, you must create two individual data sources pointing to each individual Oracle RAC instance where the audit schemas are installed. The following settings are required:
The connection URL should be in the following format:
Note that the service name and instance name are required, in addition to the host and port.
The driver used is
The following property should be set:
<property> <name>oracle.net.CONNECT_TIMEOUT</name> <value>10000</value> </property>
The following settings are required for the individual data sources:
test-table-name: SQL SELECT 1 FROM DUAL
Use the information in the "Multiple Data Sources" section to configure an Oracle RAC database as the audit data store. Create a multi data source with JNDI name jdbc/AuditDB. This multi data source should point to the individual data sources you created.
The following settings are required for the multi data source:
data-source-list: point to a comma-separated list of child data sources ("JDBC Data Source-0,JDBC Data Source-1"). This list is the same set of data sources that you created for each individual node of the Oracle RAC database.
If you have an audit store configured, Oracle Process Manager and Notification Server (OPMN) manages several system components running in WebLogic Server. For these components, OPMN pushes the audit events to the database audit store.
The "Configure a Database Audit Store for System Components" section in the Oracle Fusion Middleware Application Security Guide describes how to set up the OPMN startup audit loader.
During the setup of the OPMN startup audit loader, you must modify the rmd-definitions element in the opmn.xml file. By default, the rmd-definitions element includes a JDBC string for a single instance database in this format:
When you are using an Oracle RAC database as the audit data store, you must use a JDBC string for an Oracle RAC database in the following format in the
jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=tcp)(HOST=node1-vip)(PORT=1521))(ADDRESS=(PROTOCOL=tcp)(HOST=node2-vip)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=service-name.example.com)))
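An added example, not taken from the Oracle documentation: a Python check that a RAC JDBC string in the format above parses cleanly and lists more than one node before it is placed in opmn.xml, since the OPMN audit loader relies on this string to reach the audit store. The function names, the constructed sample and the jdbc:oracle:thin:@ prefix it expects are assumptions of this example.

```python
import re

PREFIX = "jdbc:oracle:thin:@"  # assumption: standard Oracle thin-driver prefix
KEY = re.compile(r"\(([A-Za-z_]+)=")
LEAF = re.compile(r"[^()]*")
CONSTRUCTED_SAMPLE = PREFIX + "(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=tcp)(HOST=node1-vip)(PORT=1521))(ADDRESS=(PROTOCOL=tcp)(HOST=node2-vip)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=service-name.example.com)))"

def parse_descriptor(text):  # '(KEY=value)' or '(KEY=(..)(..))' -> nested (key, value)
    pos = 0
    def node():
        nonlocal pos
        m = KEY.match(text, pos)
        if not m:
            raise ValueError(f"expected '(KEY=' at offset {pos}")
        key, pos = m.group(1).upper(), m.end()
        value = []
        while text[pos:pos + 1] == "(":
            value.append(node())
        if not value:  # leaf: plain text up to the closing parenthesis
            leaf = LEAF.match(text, pos)
            value, pos = leaf.group(), leaf.end()
        if text[pos:pos + 1] != ")":
            raise ValueError(f"expected ')' at offset {pos}")
        pos += 1
        return key, value
    tree = node()
    if pos != len(text):
        raise ValueError(f"unbalanced or trailing text at offset {pos}")
    return tree

def values(tree, key):  # leaf values of every node named key
    k, v = tree
    if isinstance(v, list):
        return [x for child in v for x in values(child, key)]
    return [v] if k == key else []

def check_rac_url(url):  # returns a list of problems; empty means all checks passed
    if not url.startswith(PREFIX):
        return [f"does not start with {PREFIX}"]
    try:
        tree = parse_descriptor("".join(url[len(PREFIX):].split()))
    except ValueError as exc:
        return [f"malformed descriptor: {exc}"]
    checks = [
        (len(set(values(tree, "HOST"))) >= 2, "fewer than two distinct HOST entries"),
        ("on" in [v.lower() for v in values(tree, "LOAD_BALANCE")], "LOAD_BALANCE=on not set"),
        (any(values(tree, "SERVICE_NAME")), "SERVICE_NAME missing"),
    ]
    return [msg for ok, msg in checks if not ok]
```

Whitespace introduced by line wrapping is removed before parsing, so a string copied from a wrapped document is judged on its structure only.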
If you also need to configure the Oracle RAC database audit store for Java components, refer to the instructions in the "Configure a Database Audit Store for Java Components" section in the Oracle Fusion Middleware Application Security Guide.