
Oracle Audit Vault Administration Manual.pdf

Contents
List of Examples
List of Figures
List of Tables
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in Oracle Audit Vault for Administrators?
Oracle Audit Vault Release 10.2.3.2 New Features
Oracle Audit Vault Release 10.2.3.1 New Features
1 Introducing Oracle Audit Vault for Administrators
1.1 How Do Administrators Use Oracle Audit Vault?
1.2 General Steps for Administering Oracle Audit Vault
1.2.1 Step 1: Understand the Oracle Audit Vault Architecture
1.2.2 Step 2: Plan the Oracle Audit Vault Source Database and Collector Configuration
1.2.3 Step 3: Configure Collectors to Collect Audit Data
1.2.4 Step 4: Monitor and Maintain the Audit Record Collection Process
1.3 Components of Oracle Audit Vault
1.3.1 Source Databases
1.3.2 Oracle Audit Vault Server
1.3.2.1 General Oracle Audit Vault Server Components
1.3.2.2 Default Oracle Audit Vault Server Port Numbers
1.3.3 Oracle Database Vault
1.3.4 Audit Vault Collection Agent and Collectors
1.3.4.1 What Are Collection Agents and Collectors?
1.3.4.2 General Audit Vault Collection Agent and Collector Components
1.3.4.3 Default Audit Vault Collection Agent and Collector Port Numbers
1.3.5 How the Oracle Audit Vault Components Work Together
1.4 Administrative Tools for Managing Oracle Audit Vault
1.5 Default Oracle Audit Vault Roles
1.6 Planning the Source Database and Collector Configuration
1.6.1 About Planning the Source Database and Collector Configuration
1.6.2 Planning the Oracle Source Database and Collector Configuration
1.6.3 Planning the Microsoft SQL Server Source Database and Collector Configuration
1.6.4 Planning the Sybase ASE Source Database and Collector Configuration
1.6.5 Planning the IBM DB2 Source Database and Collector Configuration
2 Registering Source Databases and Collectors
2.1 General Steps for Adding Sources and Deploying Collectors
2.2 Checking and Setting Environment Variables
2.2.1 About Checking and Setting Linux and UNIX Environment Variables
2.2.2 Setting the Audit Vault Server Linux and UNIX Environment Variables
2.2.3 Setting the Collection Agent Linux and UNIX Environment Variables
2.2.4 Using Oracle Audit Vault in a Microsoft Windows Environment
2.2.5 Setting the Oracle Source Database Linux and UNIX Environment Variables
2.3 Registering Oracle Database Sources and Collectors
2.3.1 Step 1: Create a User Account on the Oracle Source Database
2.3.2 Step 2: Verify That the Source Database Is Compatible with the Collectors
2.3.3 Step 3: Register the Oracle Source Database with Oracle Audit Vault
2.3.4 Step 4: Add the Oracle Collectors to Oracle Audit Vault
2.3.5 Step 5: Enable the Audit Vault Agent to Run the Oracle Database Collectors
2.4 Registering Microsoft SQL Server Database Sources and Collector
2.4.1 Step 1: Download the Microsoft SQL Server JDBC Driver
2.4.2 Step 2: Create a User Account on the Microsoft SQL Server Database Instance
2.4.3 Step 3: Verify That the Database Instance Is Compatible with the Collector
2.4.4 Step 4: Register the SQL Server Source Database Instance with Audit Vault
2.4.5 Step 5: Add the MSSQLDB Collector to Oracle Audit Vault
2.4.6 Step 6: Enable the Audit Vault Agent to Run the MSSQLDB Collector
2.4.7 Step 7: Optionally, Schedule an Audit Trail Cleanup for SQL Server Audit Files
2.5 Registering Sybase ASE Database Sources and Collector
2.5.1 Step 1: Download the jConnect for JDBC Driver
2.5.2 Step 2: Create a User Account on the Sybase ASE Source Database
2.5.3 Step 3: Verify That the Source Database Is Compatible with the Collector
2.5.4 Step 4: Register the Sybase ASE Source Database with Oracle Audit Vault
2.5.5 Step 5: Add the SYBDB Collector to Oracle Audit Vault
2.5.6 Step 6: Enable the Audit Vault Agent to Run the SYBDB Collector
2.6 Registering IBM DB2 Database Sources and Collector
2.6.1 Step 1: Copy the DB2 JDBC and SQLJ Driver to the Audit Vault Homes
2.6.2 Step 2: Designate a User Account on the IBM DB2 Source Database
2.6.3 Step 3: Verify That the Source Database Is Compatible with the Collector
2.6.4 Step 4: Register the IBM DB2 Source Database with Oracle Audit Vault
2.6.5 Step 5: Add the DB2 Collector to Oracle Audit Vault
2.6.6 Step 6: Convert the Binary DB2 Audit File to an ASCII Text File
2.6.6.1 Step 6A: Complete the Preparation Steps
2.6.6.2 Step 6B: Run the Conversion Script
2.7 Starting the Collection Agents
2.7.1 Starting the Oracle Audit Vault Release 10.2.3.2 Collection Agents
2.7.2 Starting the Oracle Audit Vault Release 10.2.3.1 or Earlier Collection Agents
2.8 Starting the Collectors
2.8.1 Starting the Collectors from the Audit Vault Console
2.8.2 Starting the Collectors from the Audit Vault Server
2.9 Checking the Status of the Collectors
2.9.1 Checking the Status of Collectors from the Audit Vault Console
2.9.2 Checking the Status of Collectors from a Command Line
2.10 Checking If the Collectors Are Collecting Audit Records
3 Managing Oracle Audit Vault
3.1 About Managing Oracle Audit Vault
3.2 Managing the Audit Vault Server
3.2.1 About Managing the Audit Vault Console
3.2.2 Checking the Audit Vault Console Status
3.2.3 Starting and Logging into the Audit Vault Console
3.2.4 Stopping the Audit Vault Server Console
3.2.5 Globally Disabling and Enabling Alert Settings
3.2.6 Viewing Audit Event Categories
3.2.7 Viewing Operational Errors That Oracle Audit Vault Catches
3.3 Altering Collector Properties and Attributes
3.3.1 About Collector Properties and Attributes
3.3.2 Altering Collector Properties and Attributes Using the Audit Vault Console
3.3.3 Altering Collector Properties and Attributes from a Command Line
3.4 Managing the Oracle Audit Vault Data Warehouse
3.4.1 About Managing the Oracle Audit Vault Data Warehouse
3.4.2 Setting the Audit Vault Data Warehouse Retention Period
3.4.2.1 About Setting a Retention Period
3.4.2.2 Creating a Retention Period Using the Audit Vault Console
3.4.2.3 Creating a Retention Period from a Command Line
3.4.3 Loading Data to the Oracle Audit Vault Data Warehouse
3.4.3.1 About Loading Data into the Oracle Audit Vault Warehouse
3.4.3.2 Loading Data Warehouse Data Using the Audit Vault Console
3.4.3.3 Loading Data Warehouse Data from a Command Line
3.4.4 Purging Data from the Oracle Audit Vault Data Warehouse
3.4.4.1 About Purging the Oracle Audit Vault Data Warehouse
3.4.4.2 Purging Data Warehouse Data Using the Audit Vault Console
3.4.4.3 Purging Data Warehouse Data from a Command Line
3.5 Altering Source Database Attributes
3.5.1 About Source Database Attributes
3.5.2 Altering Source Database Attributes Using the Audit Vault Console
3.5.3 Altering Source Database Attributes from a Command Line
3.6 Configuring E-Mail Notifications
3.6.1 About E-Mail Notification Usage with Oracle Audit Vault
3.6.2 Configuring the E-Mail Notification Service
3.7 Configuring Oracle Audit Vault for the Remedy Trouble Ticket System
3.7.1 About Using the Remedy Trouble Ticket System with Oracle Audit Vault
3.7.2 Configuring the Remedy Trouble Ticket Server Connection
3.8 Removing Source Databases from Oracle Audit Vault
3.8.1 About Removing Source Databases from Oracle Audit Vault
3.8.2 Removing a Source Database Using the Audit Vault Console
3.8.3 Removing a Source Database from a Command Line
4 Administering the Oracle Audit Vault Repository
4.1 About the Administrative Tasks in This Chapter
4.2 Monitoring the Audit Vault Server SYSAUX Tablespace Space Usage
4.3 Monitoring Audit Vault Server Archive Log Disk Space Usage
4.4 Monitoring the Audit Vault Server Flash Recovery Area
4.5 Managing Oracle Audit Vault Backup and Recovery Operations
4.5.1 Backing Up the Database
4.5.2 Backing Up Audit Vault Server Home and Audit Vault Collection Agent Home
4.6 Managing the Audit Vault Console in an Oracle RAC Configuration
4.7 Using a Collection Agent to Listen to Oracle RAC Nodes
4.8 Configuring Collection Agent Connectivity for Oracle RAC
4.9 Changing the Port Numbers Used by Oracle Audit Vault
4.9.1 Changing Port Numbers for the Audit Vault Server
4.9.1.1 Changing the Audit Vault Server Listener Port Number
4.9.1.2 Changing the Audit Vault Console HTTP Port Number
4.9.1.3 Changing the Oracle Enterprise Manager Database Control Port Number
4.9.1.4 Changing the Audit Vault PL/SQL Gateway Port Number
4.9.2 Changing Port Numbers for the Audit Vault Collection Agents
4.9.2.1 Changing the Collection Agent HTTP Port Number
4.9.2.2 Changing the Collection Agent RMI and JMS Port Numbers
4.9.3 Changing Port Numbers for the Oracle Source Database
4.10 Purging the Oracle Source Database Audit Trail
4.10.1 About Purging the Oracle Source Database Audit Trail
4.10.2 Scheduling an Automated Purge Job for an Oracle Audit Vault Environment
4.11 Purging the Oracle Audit Vault Repository Audit Trail
5 Managing Oracle Audit Vault Security
5.1 About Managing Oracle Audit Vault Security
5.2 Managing Oracle Audit Vault User Accounts
5.3 Managing Authentication Metadata Using Oracle Advanced Security
5.4 Changing Oracle Audit Vault User Passwords on a Regular Basis
5.4.1 About Oracle Audit Vault User Passwords
5.4.2 Changing the AV_ADMIN User Password
5.4.3 Changing the AVREPORTUSER Password
5.4.4 Changing the AV_AGENT Password
5.4.5 Changing the Source User Password
5.4.6 Changing the AV_AUDITOR Password
5.4.7 Ensuring That All Changed User Name Passwords Work Correctly
5.5 Using Oracle Database Vault within Oracle Audit Vault
5.6 Configuring HTTPS and SSL Communication for Oracle Audit Vault
5.6.1 About Configuring HTTPS and SSL Communication for Oracle Audit Vault
5.6.2 Step 1: Generate the Keystore
5.6.3 Step 2: Create an Audit Vault Agent Keystore by Using the keytool Utility
5.6.4 Step 3: Secure the XDB Services
5.6.5 Step 4: Secure Audit Vault Server
5.6.6 Step 5: Secure Audit Vault Agent
5.7 Updating XDB Certificates
6 Audit Vault Configuration Assistant (AVCA) Reference
6.1 add_agent
6.2 alter_remedy
6.3 alter_smtp
6.4 create_credential
6.5 create_wallet
6.6 deploy_av
6.7 disable_remedy
6.8 disable_smtp
6.9 drop_agent
6.10 enable_remedy
6.11 enable_smtp
6.12 generate_csr
6.13 -help
6.14 import_cert
6.15 redeploy
6.16 register_remedy
6.17 register_smtp
6.18 remove_cert
6.19 secure_agent
6.20 secure_av
6.21 secure_remedy
6.22 secure_smtp
6.23 set_server_tz
6.24 set_warehouse_retention
6.25 show_remedy_config
6.26 show_server_tz
6.27 show_smtp_config
6.28 test_remedy
6.29 test_smtp
7 Audit Vault Control (AVCTL) Reference
7.1 -help
7.2 load_warehouse
7.3 purge_warehouse
7.4 show_agent_status
7.5 show_av_status
7.6 show_collector_status
7.7 show_remedy_status
7.8 show_smtp_status
7.9 start_agent
7.10 start_av
7.11 start_collector
7.12 stop_agent
7.13 stop_av
7.14 stop_collector
7.15 AVCTL Commands Used for Release 10.2.3.1 Collection Agents
7.15.1 show_oc4j_status
7.15.2 start_oc4j
7.15.3 stop_oc4j
8 Audit Vault Oracle Database (AVORCLDB) Utility Commands
8.1 avorcldb
8.2 add_collector
8.3 add_source
8.4 alter_collector
8.5 alter_source
8.6 drop_collector
8.7 drop_source
8.8 -help
8.9 setup
8.10 verify
9 Audit Vault SQL Server (AVMSSQLDB) Utility Commands
9.1 avmssqldb
9.2 add_collector
9.3 add_source
9.4 alter_collector
9.5 alter_source
9.6 drop_collector
9.7 drop_source
9.8 -help
9.9 setup
9.10 verify
10 Audit Vault Sybase ASE (AVSYBDB) Utility Commands
10.1 avsybdb
10.2 add_collector
10.3 add_source
10.4 alter_collector
10.5 alter_source
10.6 drop_collector
10.7 drop_source
10.8 -help
10.9 setup
10.10 verify
11 Audit Vault IBM DB2 (AVDB2DB) Utility Commands
11.1 avdb2db
11.2 add_collector
11.3 add_source
11.4 alter_collector
11.5 alter_source
11.6 drop_collector
11.7 drop_source
11.8 -help
11.9 verify
12 REDO Collector Database Reference
12.1 About the Recommended Settings for the REDO Collector
12.2 Recommended Oracle Streams Supplemental Logging
12.3 Oracle Database 11g Release 2 (11.2) Audit Source Parameter Recommendations
12.4 Oracle Database 11g Release 1 (11.1) Audit Source Parameter Recommendations
12.5 Oracle Database 10g Release 2 (10.2) Audit Source Parameter Recommendations
12.6 Oracle Database 10g Release 1 (10.1) Audit Source Parameter Recommendations
12.7 Oracle9i Database Release 2 (9.2) Audit Source Parameter Recommendations
A Troubleshooting an Oracle Audit Vault System
A.1 Location of Audit Vault Server Log and Error Files
A.2 Location of Audit Vault Collection Agent Log and Error Files
A.3 Troubleshooting Tips
A.3.1 Checking Trace Files for Detailed Information About Oracle Database Errors
A.3.2 Troubleshooting Audit Vault Server
A.3.2.1 Tuning Audit Vault Server Performance for the REDO Collector
A.3.3 Troubleshooting Audit Vault Collection Agent
A.3.3.1 Blank Status on Windows Services Panel for Audit Vault Agent
A.3.3.2 Debugging a Collection Agent Problem
A.3.3.3 The Agent OC4J or Audit Vault Console OC4J Failing to Start
A.3.3.4 Failed Source Database Connection Due to Invalid Wallet Credentials
A.3.4 Troubleshooting the Audit Vault Collectors
A.3.4.1 ORA-01031 Error When You Try to Create an Oracle Database Collector
A.3.4.2 Oracle Source Database DBAUD Log Errors When Starting DBAUD Collector
A.3.4.3 DBAUD Collector Does Not Start and the Listener Is Not Available
A.3.4.4 Not Sure if the DBAUD and OSAUD Collectors Are Working
A.3.4.5 ORA-01017 Error When You Try to Start the DBAUD or REDO Collectors
A.3.4.6 MSSQLDB, SYBDB, or DB2 Collector Log Indicates Jar File Is Missing
A.3.4.7 Collector Unable to Connect to the Source Database
A.3.4.8 Failure of the Computer on Which a Collector Resides
A.3.4.9 DB2 Collector Connection Being Denied Due to Lack of License
A.3.5 Troubleshooting Oracle Audit Vault Console
A.3.5.1 Audit Vault Console Not Appearing in the Web Browser
A.3.5.2 Audit Vault Console Problem Requiring Debugging
A.3.5.3 Oracle RAC Node Containing the Audit Vault Console Becomes Disabled
A.3.6 Troubleshooting the Oracle Audit Vault Audit Reports
A.3.6.1 Oracle Audit Vault Reports Not Displaying
A.3.6.2 Oracle Audit Vault Reports Not Showing Any Data
A.3.6.3 Not Sure if Audit Data Is Appearing in the Data Warehouse
A.3.6.4 Advanced Alerts Unable to Fire and New Alerts Cannot Be Created
A.3.7 Troubleshooting Oracle Audit Vault in an Oracle Real Application Clusters Environment
A.3.7.1 avca drop_agent Command Failing
B Oracle Audit Vault Error Messages
B.1 Audit Vault Server Error Messages
B.1.1 Generic Error Codes
B.1.2 Source Database and Event Error Codes
B.1.3 Collector Error Codes
B.1.4 Attribute Definition Error Codes
B.1.5 Alert Error Codes
B.1.6 Server-Side Audit Service Error Messages
B.1.7 Data Warehouse Error Messages
B.1.8 Other Audit Vault Policy Error Messages
B.2 Oracle Audit Vault Client Error Messages
B.2.1 General Error Messages
B.2.2 CSDK Error Messages
B.2.3 Command-Line Interface Error Messages
B.2.4 OSAUD Collector Error Messages
B.2.5 DBAUD Collector Error Messages
Glossary
Index
Oracle® Audit Vault Administrator's Guide Release 10.2.3.2 E14459-12 February 2012
Oracle Audit Vault Administrator's Guide, Release 10.2.3.2

E14459-12

Copyright © 2007, 2012, Oracle and/or its affiliates. All rights reserved.

Primary Authors: Patricia Huey, Rodney Ward

Contributors: Tammy Bednar, Janet Blowney, Manish Chandra, Naveen Gopal, Raghavendran Hanumantharau, Srivatsan Kannan, K. Karun, Ravi Kumar, Valarie Moore, Dongwon Park, Dinesh Pathak, Anurag Prasad, Srividya Tata, Harm ten Napel, Vipul Shah, Prahlada Varadan Thirumalai, Lok Sheung

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.
5-9 Ensuring That All Changed User Name Passwords Work Correctly.......................... 5-9 Using Oracle Database Vault within Oracle Audit Vault.................................................. 5-10 Configuring HTTPS and SSL Communication for Oracle Audit Vault........................... 5-11 About Configuring HTTPS and SSL Communication for Oracle Audit Vault ....... 5-11 Step 1: Generate the Keystore ......................................................................................... 5-12 Step 2: Create an Audit Vault Agent Keystore by Using the keytool Utility........... 5-14 Step 3: Secure the XDB Services...................................................................................... 5-17 Step 4: Secure Audit Vault Server .................................................................................. 5-18 Step 5: Secure Audit Vault Agent................................................................................... 5-18 Updating XDB Certificates ..................................................................................................... 5-19 vi
6 Audit Vault Configuration Assistant (AVCA) Reference 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 6.10 6.11 6.12 6.13 6.14 6.15 6.16 6.17 6.18 6.19 6.20 6.21 6.22 6.23 6.24 6.25 6.26 6.27 6.28 6.29 add_agent .................................................................................................................................... 6-3 alter_remedy................................................................................................................................ 6-4 alter_smtp..................................................................................................................................... 6-4 create_credential ........................................................................................................................ 6-6 create_wallet ................................................................................................................................ 6-7 deploy_av .................................................................................................................................... 6-7 disable_remedy ........................................................................................................................... 6-9 disable_smtp................................................................................................................................ 6-9 drop_agent ................................................................................................................................ 6-10 enable_remedy ......................................................................................................................... 6-10 enable_smtp .............................................................................................................................. 6-11 generate_csr .............................................................................................................................. 
6-12 -help ........................................................................................................................................... 6-13 import_cert................................................................................................................................ 6-15 redeploy..................................................................................................................................... 6-16 register_remedy ....................................................................................................................... 6-17 register_smtp ............................................................................................................................ 6-18 remove_cert............................................................................................................................... 6-19 secure_agent ............................................................................................................................. 6-20 secure_av................................................................................................................................... 6-21 secure_remedy.......................................................................................................................... 6-23 secure_smtp .............................................................................................................................. 6-23 set_server_tz ............................................................................................................................. 6-24 set_warehouse_retention ........................................................................................................ 6-25 show_remedy_config .............................................................................................................. 
6-26 show_server_tz......................................................................................................................... 6-27 show_smtp_config................................................................................................................... 6-27 test_remedy............................................................................................................................... 6-28 test_smtp ................................................................................................................................... 6-29 7 Audit Vault Control (AVCTL) Reference 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9 7.10 7.11 7.12 7.13 7.14 -help .............................................................................................................................................. 7-2 load_warehouse .......................................................................................................................... 7-4 purge_warehouse........................................................................................................................ 7-5 show_agent_status...................................................................................................................... 7-6 show_av_status ........................................................................................................................... 7-7 show_collector_status ................................................................................................................ 7-7 show_remedy_status.................................................................................................................. 7-8 show_smtp_status....................................................................................................................... 7-9 start_agent.................................................................................................................................... 
7-9 start_av ...................................................................................................................................... 7-10 start_collector............................................................................................................................ 7-11 stop_agent ................................................................................................................................. 7-12 stop_av....................................................................................................................................... 7-13 stop_collector............................................................................................................................ 7-13 vii
7.15 7.15.1 7.15.2 7.15.3 AVCTL Commands Used for Release 10.2.3.1 Collection Agents .................................... 7-14 show_oc4j_status ............................................................................................................. 7-14 start_oc4j ............................................................................................................................ 7-15 stop_oc4j............................................................................................................................. 7-17 8 Audit Vault Oracle Database (AVORCLDB) Utility Commands 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 8.10 avorcldb........................................................................................................................................ 8-2 add_collector................................................................................................................................ 8-2 add_source ................................................................................................................................... 8-5 alter_collector .............................................................................................................................. 8-6 alter_source............................................................................................................................... 8-10 drop_collector........................................................................................................................... 8-11 drop_source .............................................................................................................................. 8-12 -help ........................................................................................................................................... 8-13 setup........................................................................................................................................... 
8-14 verify .......................................................................................................................................... 8-15 9 Audit Vault SQL Server (AVMSSQLDB) Utility Commands 9.1 9.2 9.3 9.4 9.5 9.6 9.7 9.8 9.9 9.10 avmssqldb .................................................................................................................................... 9-2 add_collector................................................................................................................................ 9-2 add_source ................................................................................................................................... 9-3 alter_collector .............................................................................................................................. 9-4 alter_source.................................................................................................................................. 9-8 drop_collector.............................................................................................................................. 9-9 drop_source .............................................................................................................................. 9-10 -help ........................................................................................................................................... 9-10 setup ........................................................................................................................................ 9-11 verify ......................................................................................................................................... 9-12 10 Audit Vault Sybase ASE (AVSYBDB) Utility Commands avsybdb ..................................................................................................................................... 
10-2 10.1 add_collector............................................................................................................................. 10-2 10.2 add_source ................................................................................................................................ 10-3 10.3 alter_collector ........................................................................................................................... 10-4 10.4 alter_source............................................................................................................................... 10-6 10.5 drop_collector........................................................................................................................... 10-7 10.6 drop_source .............................................................................................................................. 10-8 10.7 -help ........................................................................................................................................... 10-9 10.8 10.9 setup......................................................................................................................................... 10-10 10.10 verify ....................................................................................................................................... 10-11 11 Audit Vault IBM DB2 (AVDB2DB) Utility Commands 11.1 11.2 11.3 11.4 avdb2db..................................................................................................................................... 11-1 add_collector............................................................................................................................. 11-2 add_source ................................................................................................................................ 
11-3 alter_collector ........................................................................................................................... 11-4 viii