1. Using Oracle Data Safe
  2. User Assessment
  3. View User Assessments and Assessment History
  4. View the Latest User Assessment for a Target Database

View the Latest User Assessment for a Target Database

You can access the latest assessment for an individual target database via the Target Summary tab.

  1. From the User Assessment page, click the Target Summary tab.
  2. On the left under List Scope, select the compartment that contains the target database(s) for which you want to view the User Assessment reports. Select the INCLUDE CHILD COMPARTMENTS check box if you also want to be able to view reports for target databases that reside in child compartments too.
  3. (Optional) Under Filters, select a target database from the Target databases list to narrow the scope of displayed metrics and charts.
  4. On the Target Summary tab, locate the line in the table for your target database, and click View Report. The User Assessment Details page is displayed, showing you the latest assessment report for your target database
  5. At the top of the report, review the set of charts specific to the selected database to get a quick view of the current security posture. The charts show you the collective potential risk findings from the most recent assessment of the selected target database. The Potential user risk chart breaks down the total number of potential risks found and shows the total number of users broken down by potential risk level. User roles shows the crucial roles held by privileged users in those target databases. Last password change and Last login show the totals for how recently users of the target databases performed those actions, also broken down by percentages. These charts give you a quick overview about the state of user security for the selected target database. You may for example, be able to see right away that the latest assessment found a substantial number of CRITICAL and HIGH potential risk users. In addition, clicking on any of the chart segments will filter the Assessment Details accordingly.
  6. Click the Assessment Information tab to view details about the database and the latest user assessment run on the database, including the baseline assessment (if any) that was used to identify changes in the potential risk level posed by user accounts.
  7. (Optional) Click on Baseline to view the baseline and then use the browser back arrow to return the User Assessment Details page.

    Note:

    The Created time for a baseline will display the date and time when the first baseline was set for any target in the current compartment. It is not necessarily the date and time the target specific baseline you are viewing was created.
  8. Scroll down to Assessment Details, where you can drill down to get more details about current risk factors. Here you see a profile of each potential risk finding. These are sorted by user, with details such as the type of user (PRIVILEGED, SCHEMA, or NON_PRIVILEGED), what roles they hold, the potential risk level assigned to this user, current status of the account, last login, and what schemas they have access to.
  9. TIP: Click on a user under the User Name column for more detail. This shows you all roles and privileges granted to the user and the creation date of the account, which is not shown in the Critical Potential Risk Details table. Also note that you can use the Add Filter button to narrow down the results. For example you can apply the Potential Risk filter if you only want to see users at a specific level of potential risk.
  10. Click View Activity to review the audit records for the selected user. The All Activity Report displays, with the data pre-filtered for the selected user. You can select other auditing reports from the links on this page.

Note: Your ability to set the scope is determined by the access privileges you have within the tenancy. You can access only compartments and target databases within compartments that you have privileges to access.