Contact Oracle support to request logs specific to your account. You can only request logs for the last 90 days, logs beyond 90 days are automatically purged.
Depending on the size of the logs, they are either uploaded to your support ticket or shipped to your destination via ftp or sftp.
Authentication
To validate user identities, EnterpriseTrack supports (User ID and password) forms-based authentication, LDAP/Active Directory-based authentication, and various Single Sign-On (SSO)-based authentication mechanisms, including those based on SAML.
- User Password is the default mode for EnterpriseTrack. In User Password mode, the EnterpriseTrack database acts as the authority and the application handles the authentication of the user who is logging into that application.
- Active Directory (AD)/LDAP EnterpriseTrack can use an AD/LDAP server for user authentication. The server's details, such as its LDAP Provider URL, must be specified in EnterpriseTrack.
- Single Sign-On (SSO) EnterpriseTrack supports SAML-based SSO and can use the user's Identity Provider to authenticate users. No additional SAML service provider software is needed.
Authorization
Grant authorization carefully to all appropriate EnterpriseTrack users. To protect against unauthorized access to your critical information, EnterpriseTrack supports fine-grained Roles-Based Authorization to control access to various objects and operations within the application.
To help you with security planning, EnterpriseTrack roles/permissions settings are configured by the Solution Architect using the requirements collected from the customer. These are detailed in the EnterpriseTrack User's Guide and the EnterpriseTrack Application Administrator's Guide.
Confidentiality
Confidentiality ensures only authorized users see stored and transmitted information. In addition to the documentation included with other applications and hardware components, follow the EnterpriseTrack-specific guidance below:
- For data in transit, use TLS with recommended and strong cipher suites to protect network connections among modules. If you use LDAP or SSO authentication, ensure you use LDAPS to connect to the directory server.
- For data at rest, refer to the documentation included with the database server for instructions on securing the database.
- For encryption in transit, use HTTPS by default.
- For encryption at rest, Total Data Encryption (TDE) in Oracle DB is available on demand for all new Cloud customer deployments. Existing Cloud customers may need to go through a migration in order to apply TDE if it is not applied already.