Table of Contents
Advertisement
Oracle Database Server Generic
Enable auditing to the database by adding the following entry to the Oracle instance initialization file,
Step 2
usually named init<SID>.ora
This file is usually located in $ORACLE_BASE/admin/<SID>/pfile, where <SID> is the name of the
Oracle instance.
If a binary initialization file is used for this instance, make sure you update it first. This file is usually
located in $ORACLE_HOME/dbs and named spfile<SID>.ora. Ask your DBA about the location of
these files as well as the policies applied for this server.
Restart the database to activate the change made to the initialization file.
Step 3
Turn on all the logs that you want to audit. The following example is turning on the "audit session".
Step 4
Repeat the previous step for all the logs that you want to audit.
Step 5
Create a user account on this server and grant select privilege for the view dba_audit_trail. Our example
Step 6
assumes the user has login name "pnuser".
You'll use "pnuser" as the value for "User Name" in the MARS setup.
To test that everything was properly configured, audit logs are written to the database and "pnuser" has
Step 7
read access to them, execute the following commands:
If the above count is anything but zero, congratulations, you have successfully configured the Oracle
Server! You will have to repeat the above procedure for every Oracle server that you want to report audit
logs to MARS.
Add the Oracle Database Server to MARS
To represent the Oracle database server in the web interface, follow these steps:
Click Admin > Security and Monitor Devices > Add.
Step 1
User Guide for Cisco Security MARS Local Controller
11-2
SQL> conn / as sysdba;
SQL> @$ORACLE_HOME/rdbms/admin/cataudit.sql
AUDIT_TRAIL=DB
[oracle@server]$ sqlplus /nolog
SQL> conn / as sysdba;
SQL> shutdown immediate;
SQL> startup;
SQL> audit session;
Audit succeeded.
SQL> grant select on dba_audit_trail to pnuser
[oracle@server]$ sqlplus pnuser/<password>@<oracle_server>
SQL> select count(*) from dba_audit_trail;
COUNT(*)
----------
3
Chapter 11
Configuring Database Applications
78-17020-01
Advertisement
Table of Contents
Troubleshooting
