A Troubleshooting Oracle Audit Vault and Database Firewall

Oracle Audit Vault and Database Firewall provides troubleshooting advice for a range of installation or upgrade scenarios.

A.1 Install or Upgrade Failure Due to New File System Added to Oracle AVDF

Learn how to resolve the error pertaining to new file system added to Oracle AVDF.

Problem

Pre-existing file system, LVM, or device mapper metadata may result in upgrade or installation failure.

Symptom

The symptoms of any pre-existing LVM or other device mapper metadata include, but are not limited to:

  • Two vg_root volume groups.
  • Hard drive devices becoming unavailable during install or upgrade. This may lead to input or output errors and eventually result in upgrade failure.

Solution

To remove any such metadata, follow these steps:

  1. Run the following command on the device:

    # dd of=/dev/<device name> if=/dev/zero bs=1024k

    Best Practice:

    To ensure you only erase the correct drive, place it in a standalone system to run this command. On successful completion, add the drive to Oracle AVDF appliance.
  2. Reboot the device.

  3. Verify the partition table and metadata.

Note:

This will erase data from the drive.

A.2 Cannot Access the Audit Vault Server Console

Learn the workaround for when you cannot access the Audit Vault server user interface or console.

Problem

The Audit Vault Server console is not accessible.

Solution

There are two remedies that you can perform depending on when this problem occurs:

  • The problem occurs immediately after Audit Vault Server installation.

    In this case, the installation may not have been completed correctly. Perform the installation again.

  • The problem occurs after the system is already running.

    In this case, check that the disk is not full and that the Oracle Audit Vault Server database is running using this command:

    /etc/init.d/dbfwdb status

    To restart the database, use run this command as root:

    /etc/init.d/dbfwdb start

    If you have a problem restarting the database, then contact Oracle Support.

A.3 Collecting Logs to Debug Installation Failures

To collect logs for debug installation failures, follow this procedure.

Problem

You may encounter issues during installation or upgrade.

Pre-reboot installation failure

To collect logs for debugging pre-reboot installation failures, follow this procedure:

  1. During installation or upgrade, after mounting the .iso file, press Tab and interrupt the normal boot process.
  2. To collect logs, the installer must run with command line access. To enable command line access, remove the noshell from the boot option.
  3. After the failure occurs, press the Alt + Right Arrow key to access the command line.
  4. Run the following command to start the collection tool:

    python /run/install/repo/collect_diagnostics.py
  5. Follow the instructions to collect the diagnostics file.

Post-reboot installation failure

To collect logs for debugging post-reboot installation failures, follow this procedure:

  1. Using the password you have previously set, log in as root on the console or using ssh.
  2. Run the following command to start the collection tool:

    python /media/avdf-install/collect_diagnostics.py
  3. Follow the instructions to collect the diagnostics file.

Collecting the diagnostics file

Use this procedure to collect the diagnostics file for analyzing or debugging issues.

  1. The collection tool creates a diagnostic or log file in the following location:

    /root/install-diagnostics.tgz

  2. Follow the instructions that are displayed on the prompt to transfer the diagnostic file for analysis. Use the following command to transfer the file:

    scp /root/install-diagnostics.tgz <user>@<Ip address>:<Path>
  3. The following steps and commands pertaining to configuring the network are also displayed on the command prompt:

    ip addr add <IP address>/<sub net> dev <Interface>
    ip link set <Interface> up
    ip route add default via <Gateway>
  4. Use the information available in the diagnostic file for analyzing the issue. Attempt to redo the installation after addressing the issue.

A.4 Failure While Adding Disks

If you experience disk failures when adding disks during an upgrade, then use this procedure.

Problem

Failure while adding additional disk or failure during upgrade. The symptoms include, but are not limited to:

  • Two vg_root volume groups. This results in failure during install or upgrade.

  • Hard drive devices becoming unavailable during install or upgrade. This leads to input or output errors and failure.

Solution

Ensure that any disk added to the appliance has no pre-existing LVM or other device mapper metadata. To remove any such metadata, follow these steps:

  1. Execute the following command:

    dd of=/dev/<device name> if=/dev/zero bs=1024k

    Best Practice:

    To ensure you only erase the correct drive, place it in a standalone system to execute this command. On successful completion, add the drive to the Oracle Audit Vault and Database Firewall appliance.

  2. Reboot the device.

  3. Verify the partition table and metadata.

Note:

Fiber Channel based storage with multipath is supported in Oracle Audit Vault and Database Firewall release 20.1 and onwards.

A.5 Unable to Reach Gateway Error

Learn to fix incorrect Gateway details entered during installation.

Problem

Incorrect or invalid Gateway details entered while installing Audit Vault Sever or Database Firewall. The following error message may be encountered:

Gateway is not reachable from host

Solution

The Gateway details can to be corrected by following these steps:

  1. Log in to Terminal-1 as root user. Alternately, Terminal-1 can be accessed by pressing Ctrl+Alt+Right Arrow Key.
  2. Access and open the dbfw.conf file by executing this command:
    vi /usr/local/dbfw/etc/dbfw.conf
  3. Set the correct value for the GATEWAY field by overwriting the existing value.
  4. Save and close the file.
  5. Execute the command to apply the modified value:
    /usr/local/dbfw/bin/priv/configure-networking
  6. Return back to the appliance screen by pressing Ctrl+Alt+Left Arrow Key.

Note:

The network settings entered during installation can be modified, by choosing the Change IP Settings option in the installer or appliance screen.

A.6 RPM Upgrade Failed

Read the troubleshooting advice if RPM upgrades fail.

Problem

An RPM upgrade failed with the following error:

error: %post(dbfw-mgmtsvr-###) scriptlet failed, exit status 1

Solution

  1. Check that there is at least 10MB of free /tmp space.

  2. Remove the new RPM:

    rpm -e dbfw-mgmtsvr-###

  3. Retry the upgrade.