Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual page 162


Oracle DB Listener

Table 66-1 Command Parameters (continued)

Parameters  Description

-t
    Specifies the command line used to tail the log file (monitors any new output from the listener). The log file may be different across versions of the Oracle database; some examples are provided below:
    Oracle 9i: <install_directory>/product/9.2/network/log/listener.log
    Oracle 10g: <install_directory>/product/10.2.0/db_1/network/log/listener.log
    Oracle 11g: <install_directory>/diag/tnslsnr/qaoracle11/listener/trace/listener.log
-f
    Specifies the syslog facility.priority to be included at the beginning of the log. If nothing is specified, user.info is used.
-H
    Specifies the host name or IP address for the syslog header. It is recommended that this be the IP address of the Oracle server on which the script is running.
-h
    Specifies the receiving syslog host (the Event Collector host name or IP address being used to receive the logs).
-p
    Specifies the receiving TCP syslog port. If a port is not specified, 514 is used.
-r
    Specifies the directory name where you wish to create the .pid file. The default is /var/run. This parameter is ignored if -D is specified.
-l
    Specifies the directory name where you wish to create the lock file. The default is /var/lock. This parameter is ignored if -D is specified.

Step 7  Start the script. For example:

    oracle_dblistener_fwdr.pl -h qradar_host -t "pblog -l -t"

Step 8  Terminate the script:

    kill -QUIT `cat /var/run/oracle_dblistener_fwdr.pl.pid`

For example, if you wish to monitor the listener log on an Oracle 9i server and send the logs to STRM with the IP address of 192.168.1.100, you must enter:

    oracle_dblistener_fwdr.pl -t "tail -F <install_directory>/product/9.2/network/log/listener.log" -f user.info -H 192.168.12.44 -h 192.168.1.100 -p 514

A sample log from this setup would appear as follows:

    <14>Apr 14 13:23:37 192.168.12.44 AgentDevice=OracleDBListener Command=SERVICE_UPDATE DeviceTime=18-AUG-2006 16:51:43 Status=0 SID=qora9
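
The following is an added example, not part of the Juniper manual or of oracle_dblistener_fwdr.pl. It parses the sample log above and checks that its <14> prefix and header host are what the -f user.info and -H 192.168.12.44 parameters should produce. The function names and the assumption that fields are separated by whitespace are the example's own.

```python
import re

# Syslog facility codes (standard numbering); severities are indexed by position.
FACILITIES = {"kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4, "syslog": 5,
              "lpr": 6, "news": 7, "uucp": 8, "cron": 9, "authpriv": 10, "ftp": 11,
              **{f"local{i}": 16 + i for i in range(8)}}
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITY_NAMES = {code: name for name, code in FACILITIES.items()}

# <PRI>Mmm dd hh:mm:ss host payload
EVENT_RE = re.compile(r"^<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) (.*)$")
# key=value pairs; a value runs until the next " key=" or end of line, so
# "DeviceTime=18-AUG-2006 16:51:43" stays one field (whitespace delimiter assumed).
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|\s*$)")


def pri_for(selector):
    """Numeric <PRI> for a -f style 'facility.priority' string, e.g. user.info."""
    facility, severity = selector.split(".")
    return FACILITIES[facility] * 8 + SEVERITIES.index(severity)


def parse_event(line):
    """Split one forwarded event into header parts and payload fields."""
    match = EVENT_RE.match(line.rstrip("\r\n"))
    if match is None:
        raise ValueError("not a forwarded listener event")
    pri, timestamp, host, payload = match.groups()
    pri = int(pri)
    if pri > 191:  # highest valid PRI: facility 23, severity 7
        raise ValueError("PRI out of range")
    return {"pri": pri,
            "facility": FACILITY_NAMES.get(pri // 8, str(pri // 8)),
            "severity": SEVERITIES[pri % 8],
            "timestamp": timestamp, "host": host,
            "fields": dict(FIELD_RE.findall(payload))}


def matches_forwarder(event, selector, header_host):
    """True when an event carries the PRI and header host set with -f and -H."""
    return event["pri"] == pri_for(selector) and event["host"] == header_host


# The sample log line from this page, joined onto one line.
SAMPLE = ("<14>Apr 14 13:23:37 192.168.12.44 AgentDevice=OracleDBListener "
          "Command=SERVICE_UPDATE DeviceTime=18-AUG-2006 16:51:43 Status=0 SID=qora9")

if __name__ == "__main__":
    event = parse_event(SAMPLE)
    print(event)
    print(matches_forwarder(event, "user.info", "192.168.12.44"))
```

Running the same check on events as they arrive at the Event Collector shows whether the -f and -H values on the Oracle server match what the log source expects.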
