B スキーマ
Oracle AVDFでは、これらのスキーマをプラグインのマニフェスト・ファイルおよび収集プラグインに使用します。
B.1 plugin-manifest.xmlファイルのサンプル・スキーマ
作成するplugin-manifest.xmlファイルを検証するには、plugin-manifest.xml fileファイルのサンプル・スキーマを使用することをお薦めします。
例B-1 plugin-manifest.xsdファイルのサンプル
<?xml version="1.0" encoding="utf-8"?>
<!-- This schema defines the structure of the Oracle Audit Vault Plugin -->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns="http://foobar.example.com/av/plugin"
targetNamespace="http://foobar.example.com/av/plugin"
elementFormDefault="qualified">
<xs:element name="plugin">
<xs:complexType>
<xs:sequence>
<xs:element name="targetVersion">
<xs:complexType>
<xs:attribute name="min" type="xs:string" use="required" />
</xs:complexType>
</xs:element>
<xs:element name="extensionSet">
<xs:complexType>
<xs:sequence>
<xs:element name="extensionPoint">
<xs:complexType>
<xs:sequence>
<xs:element name="fileList">
<xs:complexType>
<xs:sequence>
<xs:element name="jars" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="templates" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="bin" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="config" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="shell" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="patch" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="unresolved-external" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" name="include">
<xs:complexType>
<xs:attribute name="file" type="xs:string" use="required" />
<xs:attribute name="permission" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="securedTargetTypeInfo">
<xs:complexType>
<xs:attribute name="name" type="xs:string" use="required" />
</xs:complexType>
</xs:element>
<xs:element minOccurs="0" maxOccurs="unbounded" name="trailInfo">
<xs:complexType>
<xs:sequence>
<xs:element name="trailType" type="xs:string" />
<xs:element minOccurs="0" name="trailLocation" type="xs:string" />
<xs:element maxOccurs="unbounded" name="className">
<xs:complexType>
<xs:attribute name="name" type="xs:string" use="required" />
<xs:attribute name="securedTargetVersion" type="xs:decimal" use="optional" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element minOccurs="0" maxOccurs="unbounded" name="eventPatch">
<xs:complexType>
<xs:attribute name="name" type="xs:string" use="required" />
<xs:attribute name="order" type="xs:unsignedByte" use="required" />
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="type" type="xs:string" use="required" />
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="xs:string" use="required" />
<xs:attribute name="id" type="xs:string" use="required" />
<xs:attribute name="version" type="xs:string" use="required" />
<xs:attribute name="provider-name" type="xs:string" use="required" />
<xs:attribute name="copyright" type="xs:string" use="optional" />
</xs:complexType>
</xs:element>
</xs:schema>B.2 データベース表の収集プラグインのマッパー・ファイル
Oracle Audit Vault and Database Firewallデータベース表の収集プラグインのマッパー・ファイルの例を示します。
独自のプラグインのマッパー・ファイルの作成方法については、この例の構造を確認してください。
例B-2 データベース表の収集プラグインのマッパー・スキーマ
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tnp="http://foobar.example.com/avdf/ezcollector/namepattern" elementFormDefault="qualified">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<xsd:import schemaLocation="NamePattern_schema.xsd" namespace="http://foobar.example.com/avdf/ezcollector/namepattern" />
<!-- XML Document Structure-->
<xsd:element name="AVTableCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<!-- Audit table name -->
<xsd:element name="TableName" type="xsd:string" minOccurs="1" maxOccurs="1"/>
<xsd:element name="NamePattern" type="tnp:NamePatternType" minOccurs="0" maxOccurs="1"/>
<!-- Database connection information -->
<xsd:element name="ConnectionInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<!-- JDBC datasource class -->
<xsd:element name="DataSource" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.3 XMLファイルの収集プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database FirewallのXMLファイルの収集プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、マッパー・スキーマの設定方法を示します。
例B-3 XMLファイルの収集プラグインのマッパー・スキーマ
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVXMLCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- tag for specifying xsl transformation related information -->
<xsd:element name="XslTransformation" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- tag to specify name of XSL file-->
<xsd:element name="XslFile" type="xsd:string" minOccurs="1" maxOccurs="1"/>
<!-- tag for specifying Root element of source XML Audit data file to be transformed-->
<xsd:element name="SourceFileStartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.4 JSONファイルの収集プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database FirewallのJSONファイルの収集プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、マッパー・スキーマの設定方法を示します。
例B-4 JSONファイルの収集プラグインのマッパー・スキーマ
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://foobar.example.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVJSONCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="0" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.5 CSVファイルの収集プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database FirewallでのCSVファイル収集プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、マッパー・スキーマの設定方法を示します。
例B-5 CSVファイルの収集プラグインのマッパー・スキーマ
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://foobar.example.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVCSVCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="0" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.6 JSON RESTの収集プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database FirewallのJSON RESTの収集プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、マッパー・スキーマの設定方法を示します。
例B-6 JSON RESTの収集プラグインのマッパー・スキーマ
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://foobar.example.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd" />
<!-- Field ValueTransformation Type-->
<xsd:complexType name="ParamType">
<xsd:attribute name="Name" type="xsd:string" use="required"/>
<xsd:attribute name="Value" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field Transformation Type-->
<xsd:complexType name="AuthenticationParamType">
<xsd:sequence>
<xsd:element name="Param" type="ParamType" minOccurs="0" maxOccurs="20" />
</xsd:sequence>
</xsd:complexType>
<!-- XML Document Structure -->
<xsd:element name="AVRESTCollectorTemplate">
<xsd:complexType>
<xsd:all>
<xsd:element name="ResourceName" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="ServiceDetails" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="QueryFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="TimeFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="NextLink" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="NextLinkStartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="NextLinkPattern" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RESTAuthentication" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="BasicAuth" minOccurs="0" maxOccurs="1"> </xsd:element>
<xsd:element name="OAuth2.0" minOccurs="0"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="grant_type" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="scope" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="Custom" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="authentication_class" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="AuthenticationParam" type="AuthenticationParamType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension
fields and Marker -->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType"
minOccurs="1" maxOccurs="1" />
<!-- Event Filter. This is optional. If it is not used, all the audit
events will be collected -->
<xsd:element name="EventFilter" type="EventFilterType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
<!-- Secured Target Type -->
<xsd:attribute name="securedTargetType" type="xsd:string"
use="required" />
<!-- Max Secured Target version supported by the template -->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string"
use="required" />
<!-- Min Secured Target version supported by the template -->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string" />
<!-- Template file version -->
<xsd:attribute name="version" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.7 RESTコレクタ・プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database FirewallのRESTコレクタ・プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、スキーマの設定方法を示します。
例B-7 RESTコレクタ・プラグインのマッパー・ファイル
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd" />
<!-- Field ValueTransformation Type-->
<xsd:complexType name="ParamType">
<xsd:attribute name="Name" type="xsd:string" use="required"/>
<xsd:attribute name="Value" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field Transformation Type-->
<xsd:complexType name="AuthenticationParamType">
<xsd:sequence>
<xsd:element name="Param" type="ParamType" minOccurs="0" maxOccurs="20" />
</xsd:sequence>
</xsd:complexType>
<!-- XML Document Structure -->
<xsd:element name="AVRESTCollectorTemplate">
<xsd:complexType>
<xsd:all>
<xsd:element name="ResourceName" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="ServiceDetails" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="QueryFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="TimeFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="NextLink" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="NextLinkStartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="NextLinkPattern" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RESTAuthentication" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="BasicAuth" minOccurs="0" maxOccurs="1"> </xsd:element>
<xsd:element name="OAuth2.0" minOccurs="0"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="grant_type" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="scope" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="Custom" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="authentication_class" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="AuthenticationParam" type="AuthenticationParamType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension
fields and Marker -->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType"
minOccurs="1" maxOccurs="1" />
<!-- Event Filter. This is optional. If it is not used, all the audit
events will be collected -->
<xsd:element name="EventFilter" type="EventFilterType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
<!-- Secured Target Type -->
<xsd:attribute name="securedTargetType" type="xsd:string"
use="required" />
<!-- Max Secured Target version supported by the template -->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string"
use="required" />
<!-- Min Secured Target version supported by the template -->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string" />
<!-- Template file version -->
<xsd:attribute name="version" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.8 名前パターンの収集プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database Firewallの名前パターンの収集プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、スキーマの設定方法を示します。
例B-8 名前パターンの収集プラグインのマッパー・ファイル
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://foobar.example.com/avdf/ezcollector/namepattern" targetNamespace="http://foobar.example.com/avdf/ezcollector/namepattern" elementFormDefault="qualified" >
<!--Name Pattern-->
<xsd:simpleType name="DateFormatValues">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="yyyy_MM_dd"/>
<xsd:enumeration value="dd_MM_yyyy"/>
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="NameFormatDateType">
<xsd:all>
<xsd:element name="Format" type="DateFormatValues" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Inc" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
<xsd:complexType name="NameFormatNumberType">
<xsd:all>
<xsd:element name="Format" type="xsd:string" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Inc" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
<xsd:complexType name="NameFormat">
<xsd:choice>
<xsd:element name="DateFormat" type="NameFormatDateType"/>
<xsd:element name="NumberFormat" type="NameFormatNumberType"/>
<xsd:element name="StringFormat" type="xsd:string"/>
</xsd:choice>
</xsd:complexType>
<xsd:complexType name="NamePatternType">
<xsd:choice>
<xsd:element name="RollNamePattern">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1000"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="IncrementNamePattern">
<xsd:complexType>
<xsd:all>
<!-- Type and Format of the pattern Type Date, Format yyyy_MM_dd -->
<xsd:element name="NamePrefix" type="NameFormat" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Name" type="NameFormat" minOccurs="1" maxOccurs="1"/>
<xsd:element name="NameSuffix" type="NameFormat" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:schema>
B.9 JSONコレクタ・プラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database FirewallのJSONコレクタ・プラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、スキーマの設定方法を示します。
例B-9 JSONコレクタ・プラグインのマッパー・ファイル
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVJSONCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="0" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.10 ezcollectorプラグインのマッパー・ファイルのスキーマ
Oracle Audit Vault and Database Firewallのezcollectorプラグインのマッパー・ファイルのスキーマを設定する方法を示します。
次の例では、スキーマの設定方法を示します。
例B-10 ezcollectorプラグインのマッパー・ファイル
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<!--Existing Set of Core Fields-->
<xsd:simpleType name="CoreFieldValues">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="EventTimeUTC"/>
<xsd:enumeration value="UserName"/>
<xsd:enumeration value="OSUserName"/>
<xsd:enumeration value="CommandClass"/>
<xsd:enumeration value="TargetObject"/>
<xsd:enumeration value="ClientHostName"/>
<xsd:enumeration value="ClientIP"/>
<xsd:enumeration value="ClientProgramName"/>
<xsd:enumeration value="TargetOwner"/>
<xsd:enumeration value="ErrorId"/>
<xsd:enumeration value="ErrorMessage"/>
<xsd:enumeration value="EventStatus"/>
<xsd:enumeration value="EventName"/>
<xsd:enumeration value="TargetType"/>
<xsd:enumeration value="TerminalName"/>
<xsd:enumeration value="ClientId"/>
</xsd:restriction>
</xsd:simpleType>
<!--Existing Set of Large Fields-->
<xsd:simpleType name="LargeFieldValues">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="CommandText"/>
<xsd:enumeration value="CommandParam"/>
</xsd:restriction>
</xsd:simpleType>
<!-- Field ValueTransformation Type-->
<xsd:complexType name="ValueTransformationType">
<xsd:attribute name="from" type="xsd:string" use="required"/>
<xsd:attribute name="to" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field FieldTransformation Type-->
<xsd:complexType name="FieldTransformationType">
<xsd:attribute name="from" type="xsd:string" use="required"/>
<xsd:attribute name="to" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field Transformation Type-->
<xsd:complexType name="TransformationType">
<xsd:sequence>
<xsd:element name="ValueTransformation" type="ValueTransformationType" minOccurs="0" maxOccurs="2000" />
<xsd:element name="FieldTransformation" type="FieldTransformationType" minOccurs="0" maxOccurs ="2000" />
</xsd:sequence>
</xsd:complexType>
<!--FieldMappingInfo-->
<xsd:complexType name="FieldMappingInfoType">
<xsd:all>
<!-- Core Field Mapping-->
<xsd:element name="CoreFields" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Map" minOccurs="1" maxOccurs ="14">
<xsd:complexType>
<xsd:all>
<xsd:element name="Name" type="xsd:string" />
<xsd:element name="MapTo" type="CoreFieldValues" />
<xsd:element name="TimestampPattern" type="xsd:string" minOccurs="0" maxOccurs="1" />
<xsd:element name="Transformation" type="TransformationType" minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- Large Field Mapping -->
<xsd:element name="LargeFields" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Map" minOccurs="0" maxOccurs="2">
<xsd:complexType>
<xsd:all>
<xsd:element name="Name" type="xsd:string" />
<xsd:element name="MapTo" type="LargeFieldValues" />
<xsd:element name="Transformation" type="TransformationType" minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- List of fields to be mapped to extensible fields-->
<xsd:element name="ExtensionField" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Name" type="xsd:string" minOccurs="0" maxOccurs ="500" />
<xsd:element name="ComplexName" minOccurs="0" maxOccurs ="500" >
<xsd:complexType>
<xsd:all>
<xsd:element name="Name" type="xsd:string" />
<xsd:element name="RegExp" type="xsd:string" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- List of fields which uniquely identify each audit record-->
<xsd:element name="MarkerField" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="20"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
<!-- Filter Type-->
<xsd:complexType name="FilterType">
<xsd:sequence>
<!-- Provide all Included or Excluded values for given source field name-->
<xsd:element name="Value" minOccurs="1" maxOccurs="1000" type="xsd:string"/>
</xsd:sequence>
</xsd:complexType>
<!-- Event Filter Type-->
<xsd:complexType name="EventFilterType">
<xsd:sequence>
<!-- Source Field Name through which audit events will be filtered-->
<xsd:element name="FieldName" type="xsd:string"/>
<xsd:choice>
<!-- Use either Include or Exclude to filter audit events-->
<xsd:element name="Include" type="FilterType" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Exclude" type="FilterType" minOccurs="1" maxOccurs="1"/>
</xsd:choice>
</xsd:sequence>
</xsd:complexType>
</xsd:schema>