A Troubleshooting Oracle Audit Vault and Database Firewall
Oracle Audit Vault and Database Firewall provides troubleshooting advice for a range of installation or upgrade scenarios.
- Install or Upgrade Failure Due to New File System Added to Oracle AVDF
Learn how to resolve the error pertaining to new file system added to Oracle AVDF. - Cannot Access the Audit Vault Server Console
Learn the workaround for when you cannot access the Audit Vault server user interface or console. - Collecting Logs to Debug Installation Failures
To collect logs for debug installation failures, follow this procedure. - Failure While Adding Disks
If you experience disk failures when adding disks during an upgrade, then use this procedure. - Unable to Reach Gateway Error
Learn to fix incorrect Gateway details entered during installation. - RPM Upgrade Failed
Read the troubleshooting advice if RPM upgrades fail.
A.1 Install or Upgrade Failure Due to New File System Added to Oracle AVDF
Learn how to resolve the error pertaining to new file system added to Oracle AVDF.
Problem
Pre-existing file system, LVM, or device mapper metadata may result in upgrade or installation failure.
Symptom
The symptoms of any pre-existing LVM or other device mapper metadata include, but are not limited to:
- Two
vg_root
volume groups. - Hard drive devices becoming unavailable during install or upgrade. This may lead to input or output errors and eventually result in upgrade failure.
Solution
To remove any such metadata, follow these steps:
-
Run the following command on the device:
# dd of=/dev/<device name> if=/dev/zero bs=1024k
Best Practice:
To ensure you only erase the correct drive, place it in a standalone system to run this command. On successful completion, add the drive to Oracle AVDF appliance. -
Reboot the device.
-
Verify the partition table and metadata.
Note:
This will erase data from the drive.Parent topic: Troubleshooting Oracle Audit Vault and Database Firewall
A.2 Cannot Access the Audit Vault Server Console
Learn the workaround for when you cannot access the Audit Vault server user interface or console.
Problem
The Audit Vault Server console is not accessible.
Solution
There are two remedies that you can perform depending on when this problem occurs:
-
The problem occurs immediately after Audit Vault Server installation.
In this case, the installation may not have been completed correctly. Perform the installation again.
-
The problem occurs after the system is already running.
In this case, check that the disk is not full and that the Oracle Audit Vault Server database is running using this command:
/etc/init.d/dbfwdb status
To restart the database, use run this command as
root
:/etc/init.d/dbfwdb start
If you have a problem restarting the database, then contact Oracle Support.
Parent topic: Troubleshooting Oracle Audit Vault and Database Firewall
A.3 Collecting Logs to Debug Installation Failures
To collect logs for debug installation failures, follow this procedure.
Problem
You may encounter issues during installation or upgrade.
Pre-reboot installation failure
To collect logs for debugging pre-reboot installation failures, follow this procedure:
- During installation or upgrade, after mounting the
.iso
file, press Tab and interrupt the normal boot process. - To collect logs, the installer must run with command line access. To
enable command line access, remove the
noshell
from the boot option. - After the failure occurs, press the Alt + Right Arrow key to access the command line.
-
Run the following command to start the collection tool:
python /run/install/repo/collect_diagnostics.py
- Follow the instructions to collect the diagnostics file.
Post-reboot installation failure
To collect logs for debugging post-reboot installation failures, follow this procedure:
- Using the password you have previously set, log in as root on the console or using ssh.
-
Run the following command to start the collection tool:
python /media/avdf-install/collect_diagnostics.py
- Follow the instructions to collect the diagnostics file.
Collecting the diagnostics file
Use this procedure to collect the diagnostics file for analyzing or debugging issues.
-
The collection tool creates a diagnostic or log file in the following location:
/root/install-diagnostics.tgz
-
Follow the instructions that are displayed on the prompt to transfer the diagnostic file for analysis. Use the following command to transfer the file:
scp /root/install-diagnostics.tgz <user>@<Ip address>:<Path>
-
The following steps and commands pertaining to configuring the network are also displayed on the command prompt:
ip addr add <IP address>/<sub net> dev <Interface>
ip link set <Interface> up
ip route add default via <Gateway>
- Use the information available in the diagnostic file for analyzing the issue. Attempt to redo the installation after addressing the issue.
Parent topic: Troubleshooting Oracle Audit Vault and Database Firewall
A.4 Failure While Adding Disks
If you experience disk failures when adding disks during an upgrade, then use this procedure.
Problem
Failure while adding additional disk or failure during upgrade. The symptoms include, but are not limited to:
-
Two
vg_root
volume groups. This results in failure during install or upgrade. -
Hard drive devices becoming unavailable during install or upgrade. This leads to input or output errors and failure.
Solution
Ensure that any disk added to the appliance has no pre-existing LVM or other device mapper metadata. To remove any such metadata, follow these steps:
-
Execute the following command:
dd of=/dev/<device name> if=/dev/zero bs=1024k
Best Practice:
To ensure you only erase the correct drive, place it in a standalone system to execute this command. On successful completion, add the drive to the Oracle Audit Vault and Database Firewall appliance.
-
Reboot the device.
-
Verify the partition table and metadata.
Note:
Fiber Channel based storage with multipath is supported in Oracle Audit Vault and Database Firewall release 20.1 and onwards.
Parent topic: Troubleshooting Oracle Audit Vault and Database Firewall
A.5 Unable to Reach Gateway Error
Learn to fix incorrect Gateway details entered during installation.
Problem
Incorrect or invalid Gateway details entered while installing Audit Vault Sever or Database Firewall. The following error message may be encountered:
Gateway is not reachable from host
Solution
The Gateway details can to be corrected by following these steps:
- Log in to Terminal-1 as root user.
Alternately, Terminal-1 can be accessed by pressing
Ctrl+Alt+Right Arrow Key
. - Access and open the dbfw.conf file by executing this command:
vi /usr/local/dbfw/etc/dbfw.conf
- Set the correct value for the GATEWAY field by overwriting the existing value.
- Save and close the file.
- Execute the command to apply the modified value:
/usr/local/dbfw/bin/priv/configure-networking
- Return back to the appliance screen by pressing
Ctrl+Alt+Left Arrow Key
.
Note:
The network settings entered during installation can be modified, by choosing the Change IP Settings option in the installer or appliance screen.Parent topic: Troubleshooting Oracle Audit Vault and Database Firewall
A.6 RPM Upgrade Failed
Read the troubleshooting advice if RPM upgrades fail.
Problem
An RPM upgrade failed with the following error:
error: %post(dbfw-mgmtsvr-###) scriptlet failed, exit status 1
Solution
-
Check that there is at least 10MB of free
/tmp
space. -
Remove the new RPM:
rpm -e dbfw-mgmtsvr-###
-
Retry the upgrade.
Parent topic: Troubleshooting Oracle Audit Vault and Database Firewall