B Schemas
Oracle AVDF uses these schemas for plug-in manifest files and collection plug-ins.
B.1 Sample Schema for a plugin-manifest.xml file
To validate any plugin-manifest.xml
file that you author,
Oracle recommends that you use the sample schema for a plugin-manifest.xml
file
.
Example B-1 Sample plugin-manifest.xsd file
<?xml version="1.0" encoding="utf-8"?> <!-- This schema defines the structure of the Oracle Audit Vault Plugin --> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://foobar.example.com/av/plugin" targetNamespace="http://foobar.example.com/av/plugin" elementFormDefault="qualified"> <xs:element name="plugin"> <xs:complexType> <xs:sequence> <xs:element name="targetVersion"> <xs:complexType> <xs:attribute name="min" type="xs:string" use="required" /> </xs:complexType> </xs:element> <xs:element name="extensionSet"> <xs:complexType> <xs:sequence> <xs:element name="extensionPoint"> <xs:complexType> <xs:sequence> <xs:element name="fileList"> <xs:complexType> <xs:sequence> <xs:element name="jars" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="templates" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="bin" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="config" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="shell" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="patch" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="unresolved-external" minOccurs="0" maxOccurs="1"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="include"> <xs:complexType> <xs:attribute name="file" type="xs:string" use="required" /> <xs:attribute name="permission" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="securedTargetTypeInfo"> <xs:complexType> <xs:attribute name="name" type="xs:string" use="required" /> </xs:complexType> </xs:element> <xs:element minOccurs="0" maxOccurs="unbounded" name="trailInfo"> <xs:complexType> <xs:sequence> <xs:element name="trailType" type="xs:string" /> <xs:element minOccurs="0" name="trailLocation" type="xs:string" /> <xs:element maxOccurs="unbounded" name="className"> <xs:complexType> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="securedTargetVersion" type="xs:decimal" use="optional" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element minOccurs="0" maxOccurs="unbounded" name="eventPatch"> <xs:complexType> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="order" type="xs:unsignedByte" use="required" /> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="type" type="xs:string" use="required" /> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="name" type="xs:string" use="required" /> <xs:attribute name="id" type="xs:string" use="required" /> <xs:attribute name="version" type="xs:string" use="required" /> <xs:attribute name="provider-name" type="xs:string" use="required" /> <xs:attribute name="copyright" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:schema>
Related Topics
B.2 Database Table Collection Plug-in Mapper File
See an example of an Oracle Audit Vault and Database Firewall database table collection plug-in mapper file.
To see how to create your own plug-in mapper file, review the structure of this example.
Example B-2 Database Table Collection Plug-in Mapper Schema
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tnp="http://foobar.example.com/avdf/ezcollector/namepattern" elementFormDefault="qualified">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<xsd:import schemaLocation="NamePattern_schema.xsd" namespace="http://foobar.example.com/avdf/ezcollector/namepattern" />
<!-- XML Document Structure-->
<xsd:element name="AVTableCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<!-- Audit table name -->
<xsd:element name="TableName" type="xsd:string" minOccurs="1" maxOccurs="1"/>
<xsd:element name="NamePattern" type="tnp:NamePatternType" minOccurs="0" maxOccurs="1"/>
<!-- Database connection information -->
<xsd:element name="ConnectionInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<!-- JDBC datasource class -->
<xsd:element name="DataSource" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.3 Schema For XML File Collection Plug-in Mapper File
See how to set up a schema for an XML file collection plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a mapper schema:
Example B-3 XML file collection plug-in Mapper Schema
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVXMLCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- tag for specifying xsl transformation related information -->
<xsd:element name="XslTransformation" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- tag to specify name of XSL file-->
<xsd:element name="XslFile" type="xsd:string" minOccurs="1" maxOccurs="1"/>
<!-- tag for specifying Root element of source XML Audit data file to be transformed-->
<xsd:element name="SourceFileStartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.4 Schema For JSON File Collection Plug-in Mapper File
See how to set up a schema for a JSON file collection plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a mapper schema:
Example B-4 JSON file collection plug-in Mapper Schema
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://foobar.example.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVJSONCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="0" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.5 Schema For CSV File Collection Plug-in Mapper File
See how to set up a schema for a CSV file collection plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a mapper schema:
Example B-5 CSV file collection plug-in Mapper Schema
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://foobar.example.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVCSVCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="0" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.6 Schema For JSON REST Collection Plug-in Mapper File
See how to set up a schema for a JSON REST collection plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a mapper schema:
Example B-6 JSON REST collection plug-in Mapper Schema
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://foobar.example.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd" />
<!-- Field ValueTransformation Type-->
<xsd:complexType name="ParamType">
<xsd:attribute name="Name" type="xsd:string" use="required"/>
<xsd:attribute name="Value" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field Transformation Type-->
<xsd:complexType name="AuthenticationParamType">
<xsd:sequence>
<xsd:element name="Param" type="ParamType" minOccurs="0" maxOccurs="20" />
</xsd:sequence>
</xsd:complexType>
<!-- XML Document Structure -->
<xsd:element name="AVRESTCollectorTemplate">
<xsd:complexType>
<xsd:all>
<xsd:element name="ResourceName" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="ServiceDetails" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="QueryFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="TimeFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="NextLink" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="NextLinkStartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="NextLinkPattern" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RESTAuthentication" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="BasicAuth" minOccurs="0" maxOccurs="1"> </xsd:element>
<xsd:element name="OAuth2.0" minOccurs="0"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="grant_type" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="scope" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="Custom" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="authentication_class" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="AuthenticationParam" type="AuthenticationParamType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension
fields and Marker -->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType"
minOccurs="1" maxOccurs="1" />
<!-- Event Filter. This is optional. If it is not used, all the audit
events will be collected -->
<xsd:element name="EventFilter" type="EventFilterType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
<!-- Secured Target Type -->
<xsd:attribute name="securedTargetType" type="xsd:string"
use="required" />
<!-- Max Secured Target version supported by the template -->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string"
use="required" />
<!-- Min Secured Target version supported by the template -->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string" />
<!-- Template file version -->
<xsd:attribute name="version" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.7 Schema For REST Collector Plug-in Mapper File
See how to set up a schema for a REST collector plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a schema:
Example B-7 REST Collector Plug-in Mapper File
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd" />
<!-- Field ValueTransformation Type-->
<xsd:complexType name="ParamType">
<xsd:attribute name="Name" type="xsd:string" use="required"/>
<xsd:attribute name="Value" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field Transformation Type-->
<xsd:complexType name="AuthenticationParamType">
<xsd:sequence>
<xsd:element name="Param" type="ParamType" minOccurs="0" maxOccurs="20" />
</xsd:sequence>
</xsd:complexType>
<!-- XML Document Structure -->
<xsd:element name="AVRESTCollectorTemplate">
<xsd:complexType>
<xsd:all>
<xsd:element name="ResourceName" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file -->
<xsd:element name="StartTag" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="ServiceDetails" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="QueryFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="TimeFormat" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="NextLink" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="NextLinkStartTag" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="NextLinkPattern" type="xsd:string"
minOccurs="1" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RESTAuthentication" minOccurs="1"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="BasicAuth" minOccurs="0" maxOccurs="1"> </xsd:element>
<xsd:element name="OAuth2.0" minOccurs="0"
maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="grant_type" type="xsd:string"
minOccurs="0" maxOccurs="1" />
<xsd:element name="scope" type="xsd:string"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="Custom" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<xsd:element name="authentication_class" type="xsd:string"
minOccurs="1" maxOccurs="1" />
<xsd:element name="AuthenticationParam" type="AuthenticationParamType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension
fields and Marker -->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType"
minOccurs="1" maxOccurs="1" />
<!-- Event Filter. This is optional. If it is not used, all the audit
events will be collected -->
<xsd:element name="EventFilter" type="EventFilterType"
minOccurs="0" maxOccurs="1" />
</xsd:all>
<!-- Secured Target Type -->
<xsd:attribute name="securedTargetType" type="xsd:string"
use="required" />
<!-- Max Secured Target version supported by the template -->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string"
use="required" />
<!-- Min Secured Target version supported by the template -->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string" />
<!-- Template file version -->
<xsd:attribute name="version" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.8 Schema For Name Pattern Collection Plug-in Mapper File
See how to set up a schema for a name pattern collection plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a schema:
Example B-8 Name Pattern Collection Plug-in Mapper File
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://foobar.example.com/avdf/ezcollector/namepattern" targetNamespace="http://foobar.example.com/avdf/ezcollector/namepattern" elementFormDefault="qualified" >
<!--Name Pattern-->
<xsd:simpleType name="DateFormatValues">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="yyyy_MM_dd"/>
<xsd:enumeration value="dd_MM_yyyy"/>
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="NameFormatDateType">
<xsd:all>
<xsd:element name="Format" type="DateFormatValues" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Inc" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
<xsd:complexType name="NameFormatNumberType">
<xsd:all>
<xsd:element name="Format" type="xsd:string" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Inc" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
<xsd:complexType name="NameFormat">
<xsd:choice>
<xsd:element name="DateFormat" type="NameFormatDateType"/>
<xsd:element name="NumberFormat" type="NameFormatNumberType"/>
<xsd:element name="StringFormat" type="xsd:string"/>
</xsd:choice>
</xsd:complexType>
<xsd:complexType name="NamePatternType">
<xsd:choice>
<xsd:element name="RollNamePattern">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1000"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="IncrementNamePattern">
<xsd:complexType>
<xsd:all>
<!-- Type and Format of the pattern Type Date, Format yyyy_MM_dd -->
<xsd:element name="NamePrefix" type="NameFormat" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Name" type="NameFormat" minOccurs="1" maxOccurs="1"/>
<xsd:element name="NameSuffix" type="NameFormat" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:schema>
B.9 Schema For JSON Collector Plug-in Mapper File
See how to set up a schema for JSON collector plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a schema:
Example B-9 JSON Collector Plug-in Mapper File
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:include schemaLocation="ezCollectorTemplate_schema.xsd"/>
<!-- XML Document Structure-->
<xsd:element name="AVJSONCollectorTemplate" >
<xsd:complexType>
<xsd:all>
<xsd:element name="HeaderInfo" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- StartTag tag contains Root element of XML Audit data file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="0" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<xsd:element name="RecordInfo" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:all>
<!-- start tag of xml audit record in XML audit file-->
<xsd:element name="StartTag" type="xsd:string" minOccurs="1" maxOccurs="1"/>
</xsd:all>
</xsd:complexType>
</xsd:element>
<!-- Secured Target to AV server fields Mapping for Core, Large, Extension fields and Marker-->
<xsd:element name="FieldMappingInfo" type="FieldMappingInfoType" minOccurs="1" maxOccurs="1"/>
<!-- Event Filter. This is optional. If it is not used, all the audit events will be collected-->
<xsd:element name="EventFilter" type="EventFilterType" minOccurs="0" maxOccurs="1"/>
</xsd:all>
<!-- Secured Target Type-->
<xsd:attribute name="securedTargetType" type="xsd:string" use="required"/>
<!-- Max Secured Target version supported by the template-->
<xsd:attribute name="maxSecuredTargetVersion" type="xsd:string" use="required"/>
<!-- Min Secured Target version supported by the template-->
<xsd:attribute name="minSecuredTargetVersion" type="xsd:string"/>
<!-- Template file version-->
<xsd:attribute name="version" type="xsd:string" use="required"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
B.10 Schema For EZCollector Plug-in Mapper File
See how to set up a schema for an EZCollector plug-in mapper file for Oracle Audit Vault and Database Firewall.
In the following example, you can see how to set up a schema:
Example B-10 EZCollector Plug-in Mapper File
<?xml version="1.0"?>
<!--
Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
-->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<!--Existing Set of Core Fields-->
<xsd:simpleType name="CoreFieldValues">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="EventTimeUTC"/>
<xsd:enumeration value="UserName"/>
<xsd:enumeration value="OSUserName"/>
<xsd:enumeration value="CommandClass"/>
<xsd:enumeration value="TargetObject"/>
<xsd:enumeration value="ClientHostName"/>
<xsd:enumeration value="ClientIP"/>
<xsd:enumeration value="ClientProgramName"/>
<xsd:enumeration value="TargetOwner"/>
<xsd:enumeration value="ErrorId"/>
<xsd:enumeration value="ErrorMessage"/>
<xsd:enumeration value="EventStatus"/>
<xsd:enumeration value="EventName"/>
<xsd:enumeration value="TargetType"/>
<xsd:enumeration value="TerminalName"/>
<xsd:enumeration value="ClientId"/>
</xsd:restriction>
</xsd:simpleType>
<!--Existing Set of Large Fields-->
<xsd:simpleType name="LargeFieldValues">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="CommandText"/>
<xsd:enumeration value="CommandParam"/>
</xsd:restriction>
</xsd:simpleType>
<!-- Field ValueTransformation Type-->
<xsd:complexType name="ValueTransformationType">
<xsd:attribute name="from" type="xsd:string" use="required"/>
<xsd:attribute name="to" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field FieldTransformation Type-->
<xsd:complexType name="FieldTransformationType">
<xsd:attribute name="from" type="xsd:string" use="required"/>
<xsd:attribute name="to" type="xsd:string" use="required"/>
</xsd:complexType>
<!-- Field Transformation Type-->
<xsd:complexType name="TransformationType">
<xsd:sequence>
<xsd:element name="ValueTransformation" type="ValueTransformationType" minOccurs="0" maxOccurs="2000" />
<xsd:element name="FieldTransformation" type="FieldTransformationType" minOccurs="0" maxOccurs ="2000" />
</xsd:sequence>
</xsd:complexType>
<!--FieldMappingInfo-->
<xsd:complexType name="FieldMappingInfoType">
<xsd:all>
<!-- Core Field Mapping-->
<xsd:element name="CoreFields" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Map" minOccurs="1" maxOccurs ="14">
<xsd:complexType>
<xsd:all>
<xsd:element name="Name" type="xsd:string" />
<xsd:element name="MapTo" type="CoreFieldValues" />
<xsd:element name="TimestampPattern" type="xsd:string" minOccurs="0" maxOccurs="1" />
<xsd:element name="Transformation" type="TransformationType" minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- Large Field Mapping -->
<xsd:element name="LargeFields" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Map" minOccurs="0" maxOccurs="2">
<xsd:complexType>
<xsd:all>
<xsd:element name="Name" type="xsd:string" />
<xsd:element name="MapTo" type="LargeFieldValues" />
<xsd:element name="Transformation" type="TransformationType" minOccurs="0" maxOccurs="1" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- List of fields to be mapped to extensible fields-->
<xsd:element name="ExtensionField" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Name" type="xsd:string" minOccurs="0" maxOccurs ="500" />
<xsd:element name="ComplexName" minOccurs="0" maxOccurs ="500" >
<xsd:complexType>
<xsd:all>
<xsd:element name="Name" type="xsd:string" />
<xsd:element name="RegExp" type="xsd:string" />
</xsd:all>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<!-- List of fields which uniquely identify each audit record-->
<xsd:element name="MarkerField" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="20"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
</xsd:all>
</xsd:complexType>
<!-- Filter Type-->
<xsd:complexType name="FilterType">
<xsd:sequence>
<!-- Provide all Included or Excluded values for given source field name-->
<xsd:element name="Value" minOccurs="1" maxOccurs="1000" type="xsd:string"/>
</xsd:sequence>
</xsd:complexType>
<!-- Event Filter Type-->
<xsd:complexType name="EventFilterType">
<xsd:sequence>
<!-- Source Field Name through which audit events will be filtered-->
<xsd:element name="FieldName" type="xsd:string"/>
<xsd:choice>
<!-- Use either Include or Exclude to filter audit events-->
<xsd:element name="Include" type="FilterType" minOccurs="1" maxOccurs="1"/>
<xsd:element name="Exclude" type="FilterType" minOccurs="1" maxOccurs="1"/>
</xsd:choice>
</xsd:sequence>
</xsd:complexType>
</xsd:schema>