Index

A  B  C  D  E  F  G  H  I  J  L  M  N  O  P  Q  R  S  T  U  W  X  

A

  • access
  • access report
  • ACFS
    • See: Oracle ACFS
  • action level, defined for firewall policies 5.3.1
  • Actions button 1.10.3
  • Active Directory
    • audit event reference O.1
  • Activity Overview Report 6.8.2.2
  • activity reports A.2
  • ALERT_EVENT_MAP table A.4
  • ALERT_NOTE table A.4
  • ALERT_STORE table A.4
  • alert conditions
  • alert reports, schema for creating A.4
  • alerts
    • about 8.1.1
    • Alerts Page 8.2.1
    • conditions
    • creating 8.2.1
    • creating alert status values 8.5
    • Database Firewall preconfigured alert 8.2.1
    • disabling 8.2.3
    • forwarding to syslog 8.6
    • monitoring 8.3
    • reports 6.8.3
    • responding to 8.4
    • syslog
      • message format, Oracle Audit Vault and Database Firewall 8.6
    • syslog, forwarding to 8.6
  • Analyzed SQL
  • annotating reports 6.6
  • archiving policies
    • setting for secured target 2.2.7
  • attestations, setting in reports 6.5.2
  • attesting to reports 6.6
  • AUDIT_TRAIL table A.2
  • audit events
    • See: events
  • auditing
  • auditors
    • role in Oracle Audit Vault and Database Firewall described 1.3
    • types of 1.3
  • audit policies
    • See: policies
  • audit records, fields in AVDF C
  • audit settings
    • creating additional 4.3
    • recommended for Oracle source database 1.6.1.1.2
    • retrieving from Oracle Database 4.2, 4.2.2
    • scheduled retrieval from Oracle Database 4.2.3
    • specifying as needed 4.2.4
  • Audit Settings page 4.2.1
  • Audit Trail Collection menu 2.2.4.2, 3.5.2
  • audit trails, viewing status of 3.5.2
  • Audit Vault and Database Firewall (AVDF)
    • auditor’s role 1.3
    • documentation, downloading latest 1.1
    • IBM DB2 database requirements 1.6.1.2
    • Oracle Database requirements 1.6.1.1.1
    • SQL Server database requirements 1.6.1.2
    • Sybase Adaptive Server Enterprise database requirements 1.6.1.2
  • Audit Vault Server
    • logging in to UI 1.10.1
    • monitoring alerts from 8.2
  • automated attacks, using login/logout policies 5.3.8.1
  • Available Polices
    • Preconfigured Database Firewall policies 5.1.1
  • AVSYS.ALERT_EVENT_MAP table A.4
  • AVSYS.ALERT_NOTE table A.4
  • AVSYS.ALERT_STORE table A.4
  • AVSYS.AUDIT_TRAIL table A.2
  • AVSYS.EVENT_LOG table A.3
  • AVSYS.SECURED_TARGET_TYPE table A.2
  • AVSYS.SECURED_TARGET table A.2
  • AVSYS.UE_DBA_APPLICATION_ROLES table A.5
  • AVSYS.UE_DBA_COL_PRIVS table A.5
  • AVSYS.UE_DBA_PROFILES table A.5
  • AVSYS.UE_DBA_ROLE_PRIVS table A.5
  • AVSYS.UE_DBA_ROLES table A.5
  • AVSYS.UE_DBA_SYS_PRIVS table A.5
  • AVSYS.UE_DBA_TAB_PRIVS table A.5
  • AVSYS.UE_DBA_USERS table A.5
  • AVSYS.UE_ROLE_SYS_PRIVS table A.5
  • AVSYS.UE_SYS_DBA_OPER_USERS table A.5
  • AVSYS schema structure A.1

B

  • before and after values, creating capture rules for 4.3.6.1
  • blocking
    • in Default Rule 5.3.6.2
    • SQL statements, guidelines 5.3.7
    • substitute statement with, guidelines 5.3.7

C

  • capture rules, for redo log file auditing 4.3.6.1
  • Capture Rule Settings page 4.3.6.3
  • charting data in reports 6.4.2.4.3
  • clusters
  • columns, hiding or showing in reports 6.4.2.3
  • compliance reports 6.10.1
  • Condition Available Fields 8.2.2.2
  • conditions
  • console
    • filtering and sorting lists in 1.10.3
    • reset view of 1.10.3
  • create
  • Critical Alerts Report 6.8.3
  • CSV format, downloading report as 6.3

D

  • data
    • fields in AVDF audit records C
    • masking data 5.3.8.2
  • Database Firewall
  • Database Firewall Alert
  • Database Policy Enforcement (DPE)
    • IPv6, traffic blocked 5.3.1
  • Database Roles by Source Report 7.4.5
  • Database Roles Report 7.4.5
  • databases
    • Database Roles Report 7.4.5
    • requirements for auditing 1.6.1
  • Database Vault Activity report 6.11.2
  • data masking 5.3.8.2
  • data warehouse schema A.1
  • DB2
    • See: IBM DB2
  • DB Client Sets, in firewall policies 5.3.2, 5.4.1, 5.4.2
  • DB User Sets, in firewall policies 5.3.2, 5.4.1, 5.4.2
  • Default Rule
    • firewall policies, procedure for defining 5.3.6.3
    • in firewall policies, about 5.3.6.1
    • in relation to other policies 5.3.6.2
  • Default Rule, defined for firewall policies 5.2.4
  • default settings in reports, reverting to 6.4.2.5
  • deleting user accounts 3.1.7
  • Deployed column, Firewall Policy page 5.5.3
  • dimension tables A.1
  • disabling alerts 8.2.3
  • display settings, in reports 6.4.2.1
  • distribution lists, creating 3.2.2
  • documentation, AVDF, downloading latest 1.1
  • Drop connection 5.3.8.4

E

  • email notifications
    • about 3.2.1
    • creating a distribution list 3.2.2
    • creating an email template 3.2.3
  • encrypted traffic, and firewall policies 5.3.4.3
  • enforcement points, viewing status of 3.5.1
  • Enforcement Points menu 2.2.6.2, 3.5.1
  • entitlement reports
    • See: reports, entitlement
    • data for creating A.5
    • labels 7.3.3
    • snapshots 7.3.3
    • viewing by snapshots and labels 7.3.2
  • entitlements
    • checking retrieval status 2.2.2
    • jobs monitoring 3.6
    • managing data, general steps for using 7.1
    • retrieving data from Oracle Database 2.2.2
    • scheduling retrieval 2.2.2
    • snapshots and labels, about 7.3.1
  • entitlement snapshots
    • about 7.2.1
    • viewing snapshot and label audit data 7.3.1
  • ErrorMessage (EM), include in syslog message 3.4
  • EVENT_LOG table A.3
  • event handlers
  • event reports, data for creating A.3
  • events
    • Active Directory audit events O.1
    • IBM DB2 audit events I.1
    • Linux audit events M
    • Microsoft SQL Server audit events G.1
    • MySQL audit events J
    • Oracle ACFS audit events N
    • Oracle Database audit events D.1
    • Solaris audit events K
    • Sybase ASE audit events F
    • Windows audit events L
  • exception
    • creating in firewall policies 5.3.3.1
  • exceptions
    • defining session filters in firewall policies 5.3.2
    • order of applying in firewall policies 5.3.3.3

F


G

  • generate
    • reports using sample template 3.3.4
    • XML file 3.3.3
  • generated reports
    • downloading 6.5.4
    • Notify 6.5.4
    • Show Pending Reports
      • Show Pending Reports 6.5.4
  • generating built-in reports 6.2
  • global settings for firewall policies 5.3.8.4
  • group access

H

  • hiding columns in reports 6.4.2.3
  • highlighting data in reports 6.4.2.4.2
  • Home page
  • HTML, downloading report as 6.3

I

  • IBM DB2
    • audit event reference I.1
    • requirements for audit data collection 1.6.1.2
  • Interactive Reports 6.4.1, 6.4.3
  • IP Address Sets, in firewall policies 5.3.2, 5.4.1, 5.4.2
  • IPv6, traffic blocked 5.3.1
  • IRS Publication 1075 reports 6.10.3

J

  • jobs, monitoring 3.6

L

  • labels
    • about 7.2.1
    • assigning to snapshots 7.2.3
    • using to compare entitlement data 7.3.3
    • viewing data 7.3.1
    • viewing entitlement reports by 7.3.2
    • when used in entitlement reports 7.3.1
  • Linux Operating System
    • audit event reference M
  • Linux SU SUDO transition reports 6.8.4
  • lists, finding objects in console UI 1.10.3
  • locked user accounts
  • logging
    • level, defined for firewall policies 5.3.1
  • logging in, to Audit Vault Server UI 1.10.1
  • login policies for database users 5.3.8.1
  • logout policies for database users 5.3.8.1

M

  • main records, pulling column from report 6.4.2.4.4
  • Match All Tables, in Novelty Policy 5.3.5.3
  • Match Any Table, in Novelty Policy 5.3.5.3
  • metadata for activity reports A.2
  • Microsoft SQL Server
    • audit event reference G.1
    • requirements for audit data collection 1.6.1.2
  • modify
  • monitoring alerts 8.3
  • MySQL
    • audit event reference J

N

  • network encryption, and firewall policies 5.3.4.3
  • notifications, setting in reports 6.5.2
  • Notify
    • on generated reports 6.5.4
  • Novelty Policy
    • creating in firewall policies 5.3.5.2
    • examples 5.3.5.4
    • Match All Tables 5.3.5.3
    • Match Any Table 5.3.5.3
    • matching statement classes only, order of applying 5.3.5.3
    • matching statement examples 5.3.5.4
    • order of applying in firewall policies 5.3.5.3
    • statement matches multiple 5.3.5.3
  • null values, sorting in reports 6.4.2.4.1

O

  • Object Privileges by Source Report 7.4.7
  • Object Privileges Report 7.4.7
  • objects
    • See: schema object auditing
  • objects being audited
    • Object Privileges by Source Report 7.4.7
    • Object Privileges Report 7.4.7
  • Object Settings page 4.3.3.3
  • Oracle ACFS
    • audit event reference N
  • Oracle Database
    • audit event reference D.1
    • audit settings
      • creating additional 4.3
      • recommended in the database 1.6.1.1.2
      • retrieving in Audit Vault and Database Firewall 4.2.2
      • retrieving in AVDF 4.2
      • scheduled retrieval 4.2.3
    • checking audit settings in source database 1.6.1.1.1
    • requirements for audit data collection 1.6.1.1.1
    • unified audit policies, 12c 4.1
    • version 9i, and audit policy 4.2.2
  • Oracle Database In-Memory 6.2
  • Oracle Database Vault, provisioning audit policy to database that uses 4.4.2
  • OS User Sets, in firewall policies 5.3.2, 5.4.1, 5.4.2
  • Overview Page, of firewall policy 5.2.4

P

  • passwords
  • PDF, format for scheduling report 6.5.2
  • PDF/XLS Reports 6.7
  • policies
    • audit
      • about 4.1
      • creating, general steps for 4.1.1
      • exporting Audit Vault and Database Firewall audit settings to SQL script 4.4.1, 4.4.2
      • fine-grained auditing 4.3.5.1
      • fine grained auditing, defining 4.3.5.2
      • privilege auditing 4.3.4.1, 4.3.4.2
      • privileges auditing 4.3.4
      • provisioning to Oracle Database 4.4.1, 4.4.2
      • redo log files 4.3.6
      • redo log files, capture rules for 4.3.6.1
      • schema object auditing 4.3.3.1
      • schema object auditing, defining 4.3.3.2
      • SQL statement auditing 4.3.2.1
    • firewall
    • IPv6, traffic blocked 5.3.1
  • policy controls, in firewall policies 5.3.2
  • policy reports 6.8.5
  • Policy tab, described 1.10.2
  • privilege auditing
    • statement auditing, compared with 4.3.4.1
    • System Privileges by Source Report 7.4.6
    • System Privileges Report 7.4.6
  • Privilege Audit Settings page 4.3.4.3
  • Privileged Users by Source Report 7.4.8
  • Privileged Users Report 7.4.8
  • privileges
    • auditing 4.3.4
    • Privileged Users by Source Report 7.4.8
    • Privileged Users Report 7.4.8
  • procedures
    • See: SQL statement auditing
  • profiles
    • creating in firewall policies 5.4.2
    • defining session filters for 5.3.2
    • in firewall policies, about 5.4.1
  • Profiles, in firewall policies 5.3.2
  • provisioning, audit policies to Oracle Database 4.4.1, 4.4.2

Q


R

  • redo log files
    • auditing 4.3.6
    • defining capture rule for audit policy 4.3.6.2
  • relevant columns
  • Remove from Policy button 5.3.4.2
  • report definition file, for creating custom reports 6.7
  • reports
    • about 6.1
    • accessing 6.2
    • Access Reports 6.8.2.1
    • access sensitive data 6.12.3
    • activity, metadata for A.2
    • Activity Overview Report 6.8.2.2
    • adding your own 6.7
    • alert
      • schema for creating A.4
    • alert reports 6.8.3
    • All Alerts Report 6.8.3
    • annotating 6.6
    • attestations 6.5.2
    • attesting to 6.6
    • browsing 6.2
    • built-in, generating 6.2
    • columns
    • compliance 6.10.1
    • compliance, associating secured targets with 6.10.2
    • creating charts 6.4.2.4.3
    • Critical Alerts Report 6.8.3
    • CSV, downloading as 6.3
    • customizing 6.4
    • customizing data display 6.4.2
    • Data Access Report 6.8.2.5
    • Database Firewall 6.11
    • Database Firewall policy reports 6.8.5
    • Database Vault 6.11.2
    • data collected for 6.1
    • downloading as CSV or HTML 6.3
    • entitlement
      • about 7.4.1
      • Database Roles by Source Report 7.4.5
      • Database Roles Report 7.4.5
      • data for creating A.5
      • general steps for using 7.1
      • labels 7.3.1
      • Object Privileges by Source Report 7.4.7
      • Object Privileges Report 7.4.7
      • Privileged Users by Source Report 7.4.8
      • Privileged Users Report 7.4.8
      • snapshots 7.3.1
      • System Privileges by Source Report 7.4.6
      • System Privileges Report 7.4.6
      • User Accounts by Source Report 7.4.2
      • User Accounts Report 7.4.2
      • User Privileges by Source Report 7.4.3
      • User Privileges Report 7.4.3
      • User Profiles by Source Report 7.4.4
      • User Profiles Report 7.4.4
    • event, data for A.3
    • filtering
    • filtering and display settings 6.4.2.1
    • formatting 6.5.1
    • generation, status of job 6.5.2
    • hiding columns 6.4.2.3
    • highlighting rows 6.4.2.4.2
    • HTML, downloading as 6.3
    • import sensitive data 6.12.2
    • Interactive Reports 6.4.1
    • IRS Publication 1075 6.10.3
    • jobs monitoring 3.6
    • Linux SU SUDO transition 6.8.4
    • notifications 6.5.2
    • Oracle Database 6.11
    • PDF/XLS Reports menu 6.7
    • PDF generation 6.5.1
    • resetting display values to defaults 6.4.2.5
    • retention policy 6.5.2
    • running faster for in memory date range 6.2
    • Saved Interactive Reports 6.4.3
    • scheduling 6.5.1, 6.5.2
    • secured target names, changing 6.2
    • sending to other users 6.5.1
    • sensitive data 6.12.2
    • setting retention time 6.5.1
    • sorting data
    • specialized reports 6.11.1
    • specifying auditors to attest to 6.5.1
    • status of generation job 6.5.2
    • stored procedure auditing 6.8.7
    • timestamps, online browsing 6.2
    • timestamps, PDF/XLS 6.2, 6.5.1
    • user-defined, accessing 6.4.4
    • viewing PDF/XLS generated reports 6.5.3
    • Warning Alerts Report 6.8.3
    • who can access 6.1
    • XLS, downloading as 6.5.4
  • Reports tab, described 1.10.2
  • report template
  • reset Audit Vault Server console view 1.10.3
  • retention policies
    • and reports 6.5.2
    • setting for secured target 2.2.7
  • Retrieve User Entitlement Data, checking status of 2.2.2
  • RTF, report template 6.7

S

  • Sarbanes-Oxley Act 4.3.4.1
    • See also: compliance reports
    • privilege auditing to meet compliance 4.3.4.1
  • saved reports 6.4.1, 6.4.3
  • schedules
    • creating for entitlements 2.2.2
    • creating for reports 6.5.2
  • schema object auditing 4.3.3.1
    • defining audit policy 4.3.3.2
    • Object Privileges by Source Report 7.4.7
    • Object Privileges Report 7.4.7
  • schema reference for Oracle Audit Vault and Database Firewall A.1
  • SECURED_TARGET_TYPE table A.2
  • SECURED_TARGET table A.2
  • secured targets
    • access, controlling by user 3.1.4.2
    • assigning firewall policy 5.5.3
    • changing the firewall policy 5.5.3
    • introduction 1.4
    • name change, and reports 6.2
    • retention policies 2.2.7
  • Secured Targets tab, described 1.10.2
  • security, and Default Rule block action 5.3.6.2
  • Settings, in firewall policies 5.3.2
  • Settings tab, described 1.10.2
  • showing columns in reports 6.4.2.3
  • snapshots
    • about 7.2.1
    • assigning labels to 7.2.3
    • creating 7.2.2
    • deleting 7.2.2
    • using to compare entitlement data 7.3.3
    • viewing data 7.3.1
    • viewing entitlement reports by 7.3.2
    • when used in entitlement reports 7.3.1
  • Solaris Operating System
    • audit event reference K
  • sorting
  • specialized reports 6.11.1
  • SQL script, exporting audit policy settings to 4.4.1
  • SQL Server
    • See: Microsoft SQL Server
  • SQL statement auditing
  • SQL statements
  • Statement Audit Settings page 4.3.2.3
  • statements
    • See: SQL statement auditing
  • stored procedure auditing (SPA), reports described 6.8.7
  • substitute statements
    • cannot apply to certain SQL commands 5.3.7
    • when blocking SQL in firewall policies 5.3.7
  • super auditor role 1.3
  • Sybase Adaptive Server Enterprise
    • requirements for audit data collection 1.6.1.2
  • Sybase ASE
    • audit event reference F
  • syslog
    • alert message format, Oracle Audit Vault and Database Firewall 8.6
    • alert templates 3.4
    • forwarding alerts to 8.6
  • System Privileges by Source Report 7.4.6
  • System Privileges Report 7.4.6

T

  • template, for custom reports 6.7
  • templates
    • alert syslog 3.4
    • email notifications 3.2.3
  • threat severity, defined for firewall policies 5.3.1
  • timestamps
  • troubleshooting
    • database auditing not enabled 1.6.1
    • latest audit data not appearing in reports 6.8.2.2

U

  • UE_DBA_APPLICATION_ROLES table A.5
  • UE_DBA_COL_PRIVS table A.5
  • UE_DBA_PROFILES table A.5
  • UE_DBA_ROLE_PRIVS table A.5
  • UE_DBA_ROLES table A.5
  • UE_DBA_SYS_PRIVS table A.5
  • UE_DBA_TAB_PRIVS table A.5
  • UE_DBA_USERS table A.5
  • UE_ROLE_SYS_PRIVS table A.5
  • UE_ROLE_TAB_PRIVS table A.5
  • UE_SYS_DBA_OPER_USERS table A.5
  • unified audit policies, Oracle Database 12c 4.1
  • unlock user account 3.1.6
  • user accounts
  • User Accounts by Source Report 7.4.2
  • User Accounts Report 7.4.2
  • user-defined reports, accessing 6.4.4
  • User Privileges by Source Report 7.4.3
  • User Privileges Report 7.4.3
  • User Profiles by Source Report 7.4.4
  • User Profiles Report 7.4.4
  • users
    • Database Roles Report 7.4.5
    • logging in to the Audit Vault Server console 1.10.1
    • Privileged Users by Source Report 7.4.8
    • Privileged Users Report 7.4.8
    • User Accounts Report 7.4.2
    • User Privileges by Source Report 7.4.3
    • User Privileges Report 7.4.3
    • User Profiles by Source Report 7.4.4
    • User Profiles Report 7.4.4

W

  • Warning Alerts Report 6.8.3
  • Windows Event Viewer
    • audit events logged in G.4
    • exception events logged in G.6
  • Windows Operating System
    • audit event reference L

X

  • XLS, format for scheduling report 6.5.2