17 Tuning the Audit Vault Server

With use the Audit Vault Server database might run into performance issues. Adjusting database parameters to tune the Audit Vault Server to your needs will help resolve performance issues.

17.1 Preventing Shutdown of the Listener Due to Too Many Audit Trails

If there are more than 1024 audit trails on a single Audit Vault Server, the database listener might shutdown with errors TNS-01159: Internal connection limit has been reached; listener has shut down and TNS-12540: TNS:internal limit restriction exceeded. Adjust the MAX_ALL_CONNECTIONS_LISTENER parameter to resolve the issue.

Steps to adjust the MAX_ALL_CONNECTIONS_LISTENER parameter:

1. Stop all the audit trails running on the Audit Vault Server and the Audit Vault Agent.

2. Log in to the appliance through SSH and switch to the root user.

   See Logging In to Oracle AVDF Appliances Through SSH.

3. Stop the following services by running the following commands:

   systemctl stop monitor
   systemctl stop javafwk
   systemctl stop controller
   systemctl stop dbfwlistener

4. Make a backup copy of the listener.ora file:

   cp /var/lib/oracle/dbfw/network/admin/listener.ora /var/lib/oracle/dbfw/network/admin/listener.ora.backup

5. Open the listener.ora file for editting:

   vi listener.ora

6. Add the following line in the listener.ora file:

   MAX_ALL_CONNECTIONS_LISTENER=Number of trails | Number of trails > 1024

   For example, if you have 1500 audit trails running:

   MAX_ALL_CONNECTIONS_LISTENER=1500

   It will be necessary to adjust this number if you intend to start more audit trails in the future.

7. Start the previously stopped services by running the following commands:

   systemctl start monitor
   systemctl start javafwk
   systemctl start controller
   systemctl start dbfwlistener

8. Start the audit trails that were previously stopped on the Audit Vault Server and the Audit Vault Agent.