Security :: How To Enable Auditing In Oracle
Dec 8, 2011How to enable auditing in oracle ?
View 2 Replies
ADVERTISEMENT
Security :: Enable Auditing For Users?
Oct 10, 2012i enable auditing on the database 10.2 for users,
once i query SQL> SELECT username,
extended_timestamp,
owner,
obj_name,
action_name
FROM dba_audit_trail
WHERE owner = <Username>
there are many many rows , my question is , are you enable to truncate it from time to time , if not ,is it effect on the performance of the database ?
Security :: Send Oracle Auditing To Syslog
Mar 9, 2011I am using Oracle 11g (11.2.0.1) and I want to audit the specific tables in my schema and send to OS syslog.
For example, I have 3 tables A,B and C. If any user is accessing A and B tables (DMLs,select etc) then I want to audit and send it to OS syslog.
Enable / Disable Auditing From PHP
Dec 15, 2010In PL/SQL Plus, i can enable/disable auditing when i connect as sysdba by using these command:
SQL> ALTER SYSTEM SET audit_trail=db SCOPE=SPFILE
SQL> shutdown
SQL> startup
I've done it successfully with PL/SQL Plus command line. But in PHP, how can i do that?How to execute "shutdown" and "startup" from PHP?
I've found this code for connect to oracle as sysdba:
oci_connect("/", "", null, null, OCI_SYSDBA);
From the following link:
[URL]......
But, i still can't execute "shutdown", "startup";
Security :: Oracle Auditing DBA_STMT_AUDIT_OPTS Where User_name Is Null
Jan 8, 2013I have enabled Auditing but when i run the below given statement i get the output with count of 20 null username.I tried to run NOAUDIT ALL but still the same result.
Why does it show auditing for null username and how can i disable it.
select count(*) from DBA_STMT_AUDIT_OPTS where user_name is null;
20
Security :: Auditing At Table Level In 11g?
Apr 27, 2012We have recently upgraded our DR environment from 9i to 11g. We have auditing turned on for 3 tables.
On 9i, AUD$ table size is 11G for 12 months and the upgraded 11g environment has 9G in 2 days....
Below is the sql statement we used to turn on auditing on these tables.
audit select,update,delete on audit_Test2 by session;
Opened SR with Oracle, but no proper response from them...
what changes we need to do in order to reduce the amount of audit data on these tables in 11g?
Oracle 9i Auditing
Feb 24, 2011I have enabled auditing in my oracle9i DB, it is running fine, generating trails and I can capture those. Recently I checked in dba_audit_session table and found os_username, userhost, terminal showing null value whereas username is captured as my own (having dba prvis). Strange thing is that it doesn't occurs everyday.
One of the possibility of running batch files may occurs such issues, but I ran this batch everyday then why it is occurring some days only.
Attached File(s)
dba_audit_session.txt ( 2.71K )
Number of downloads: 4
Security :: Oracle 11G And Advanced Security / FIPS 140-2 Compliant Encrypt Data At Rest
Dec 26, 2012Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?
View 3 Replies View RelatedSecurity :: Moving Application Security To Oracle From Sybase
Aug 18, 2010In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:
1. How to determine 'x' days of inactivity based on "last login date"?
2. How to determine when a new user logs in for the first time and force them to change their password?
3. If we need to reset a users password, how can we require the user to change their password?
4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?
5. In the USER_USERS view there is a status column. What the different status's can be?
Performance Tuning :: How To Enable AWR In Oracle 10g
Jul 12, 2013I have installed database in one server. I would like to enable AWR into it. Statistics_level is set to Typical. While running the below script to enable the AWR, its gives error -
SQL> exec dbms_scheduler.enable('GATHER_STATS_JOBS');
BEGIN dbms_scheduler.enable('GATHER_STATS_JOBS'); END;
*
ERROR at line 1:
ORA-27476: "SYS.GATHER_STATS_JOBS" does not exist
ORA-06512: at "SYS.DBMS_ISCHED", line 4343
ORA-06512: at "SYS.DBMS_SCHEDULER", line 2802
ORA-06512: at line 1
make AWR automatical generation.
Server Administration :: How To Enable Firewall For Oracle Database
Sep 15, 2010How to enable firewall for Oracle Database..? Is it db specific..? or If I implement the firewall It will be applicable to all the databases in the server which are using same oracle home..?
View 7 Replies View RelatedEnable / Disable Archive Mode From The Pfile In Oracle 10g?
Jul 12, 2012I am using oracle 10g. Is there any mechanism to / parameter to enable or disable archive log mode? can I enable arching directly from pfile without touching the startup process?
View 2 Replies View RelatedForms :: How To Enable / Disable Keyboard Shortcuts In Oracle Apps
May 12, 2010How do we need to enable or disable the keyboard shortcuts in Oracle Apps like Shift+F6 for duplicate record, also how do I change the functionality, I mean suppose I want Key-M to do the same function as shift+F6.
View 2 Replies View RelatedHow To Enable Oracle Advance Compression For EXIST Partitioned Table
Feb 8, 2013I have to enable oracle advance compression for existing table which PARTITION BY RANGE then SUBPARTITION BY HASH.
ORacle version: 11.2.0.2.0
Installation :: 11g R2 In Fedora 17 (32 Bits) System - Oracle Patch To Enable DB Console?
Apr 23, 2013I have been working in the installation of oracle 11g r2 in my fedora 17 (32 bits) system for a few days and still have not gotten.Now I found that I need the OPtatch for enable the db console and even being a member of My Oracle Support I can not request the patch for a technical question.
1) Note to the Approver: I am that one because I am an end user (freelance)
2) Support Identifier: How can I get it?
SQL & PL/SQL :: DB Extended Auditing
Aug 24, 2010I have a database in which DB extended auditing is enabled but there are no audit specifications in privileges or statements or objects. So what will be audited in that case.
View 12 Replies View RelatedAuditing And Implicit Commits
May 11, 2009I'm working on a Java-based web application and we have unit tests that we use to test all our all code that interacts with the database or code that interacts with our DB code. The Spring framework allows us to perform some DML within a transaction before each test and then rollback the changes. For the most part, this works, however when I run the full suite of unit tests, it will randomly commit data to the database causing the rest of the tests to fail.
will Oracle's auditing let me see where this odd-ball commit is occurring? Is there another way for me to see when data is being committed?
This does not appear to be happening on any of the systems we've deployed, however this is a bit unsettling and would like to know why this is occurring so that we can prevent it from happening in production.
Data Auditing In Application?
Mar 31, 2011I am trying to maintain data audit in the database using triggers where i want to write the row level trigger in an generic way using the following concept .Using USER_TAB_COLUMNS table inside the trigger i want to bind all column values of the row into a single string in the following format
COLUMN_NAME = Value(:new/:old.COLUMN_NAME)=> this value would be bound dynamically is it possible to create a string for each row instance in the trigger at run time using the above mentioned format and user_tab_column table
Auditing Without Audit Vault
Mar 8, 2011how to set up alerts on specific audit log results without using Audit Vault?
View 1 Replies View RelatedAuditing Database Without Being DBAdmin?
Jul 17, 2012I would like to be aware of all select statements that are run against the schema I am responsible for (for performance analysis reasons) My privileges are restricted and I think I won't get access to any dba views.
So is there a recomondation how I can solve this requirement?
Auditing No Archive Log Mode
Jun 8, 2012I am using Oracle Database 10.2 in No Archive Log Mode. what auditing options are available in No Archive Log mode ?
View 4 Replies View RelatedAuditing For Queries With No Where Clause
Jul 31, 2012I'd like to audit a table for any SELECT queries that are executed against it with no WHERE clause. I've read the documentation on DBMS_FGA carefully, and as close as I can tell, creating a policy with a NULL audit_condition causes all queries against the table to be audited, which isn't what I'm looking for.
What I'd like is something like this:
DBMS_FGA.ADD_POLICY (
object_schema => 'scott',
object_name => 'emp',
policy_name => 'mypolicy1',
audit_condition => 'WHERE CLAUSE IS ABSENT',
audit_column => 'comm,sal',
[code].......
SELECT * FROM EMP;but queries with conditions ('WHERE sal > 400', for instance) are not trapped.
I'm using 11gR2 (11.2.0.2) on OEL.
Auditing Unsuccessful Select Statements
Sep 3, 2013I'm attempting to audit unsuccessful Select statements in order to trap a problem we're experiencing with our application. I have set the AUDIT_TRAIL initialization parameter to DB_EXTENDED, and bounced our database.
I've issued the AUDIT SELECT ANY TABLE WHENEVER NOT SUCCESSFUL command, and when I issue a SELECT statement as an application user, nothing appears in SYS.AUD$ even though the application has issued a select statement which returned no rows.
PCI - Auditing Connect / As Sysdba - Connections?
Feb 15, 2012I have a problem with a PCI DSS - requirement in Oracle 11.2. (PCI DSS = Payment Card Industry Data Security Standard)
Problem:
we connect via ' ssh -2 -X -l oracle hostname ' to the databaseserver and become os-user 'oracle'. we have also two offshore locations with dba's and each dba comes with his personalized user to the jumphost and then with the above ssh command to the database server.
the problem is that each dba becomes the oracle-os-account and can now connect with '/ as sysdba' to the database.in pci-dss this is not allowed !
now my question:how can I audit these '/ as sysdba'-connections and prove which user connected at which time with the '/ as sysdba' command ?
database is in audit mode. we log to syslog on linus redhat 5. I know one solution could be setting "SQLNET.AUTHENTICATION_SERVICES" parameter to "NONE" in sqlnet.ora file will make it not possible to connect to the database without a password as sysdba. (sqlplus / as sysdba). but we have to many applications and jobs and this is not really the solution in this case.
I think I can only solve this problem with personalized OS-user DBA-accounts in the dba-goup on os-site and os-user oracle should not be used for the future ?? I also need personalized dba-user-accounts in the database. using sys and system is not allowed. this users has to be locked and only for special administration work could it be unlocked.
Auditing Lob Column Changes When Working With Dbms_lob?
Oct 26, 2010It seems that dml trigger doesn't fire when lob field is being updated using dbms_lob package.
As it stated in Oracle documentation:
QUOTE Using OCI functions or the DBMS_LOB package to update LOB values or LOB attributes of object columns does not cause Oracle to fire triggers defined on the table containing the columns or the attributes.
I need to know that table was updated (or is about to be updated), how can I do that in case it is lob field that is being updated?
Security :: How To Configure Oracle EM With Newly Created Oracle Instance On 10g DB
Dec 11, 2012How to configure Oracle EM with newly created Oracle Instance on Oracle 10g DB,which is Single Instance DB but not RAC ,when I start the Oracle EM it is starting the default DB which created during Oracle Server Installation.
View 0 Replies View RelatedServer Administration :: Auditing Lob Column Changes When Working With Dbms_lob
Oct 26, 2010It seems that dml trigger doesn't fire when lob field is being updated using dbms_lob package. As it stated in Oracle documentation:
Quote:Using OCI functions or the DBMS_LOB package to update LOB values or LOB attributes of object columns does not cause Oracle to fire triggers defined on the table containing the columns or the attributes.
I need to know that table was updated (or is about to be updated), how can I do that in case it is lob field that is being updated?
Security :: Enhance Security Of Windows And Recover Lost / Forgotten Password?
Nov 16, 2010Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.
1. Is random password a great password?
A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.
2. Create the long Windows password
Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).
3. Create the Windows password constantly?
This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.
4. Write down Windows password in a proper place
Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.
5. 14 characters is the optimal password length
Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.
6. Try not to use the same Windows password for all accounts
Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.
7. Do not use some common words that other users maybe guess
Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.
You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.
Application Express :: How To Connect As A Real Database Account User For Auditing
May 15, 2013For auditing, I need to insert the user, among other data, into different tables. The thing is, I have an application with DB account authentication, so a real database user is connected, when auditing, the user field inserted is "ANONYMOUS".
Apex 4.2
EPG
Oracle Enterprise Linux 5.5
Database 11.2 EE
Server Utilities :: Possible To Configure Auditing To Get Number Of Rows Returned By Select Statements
Aug 22, 2011I am importing some data from Oracle into another database on a regular basis. It works fine for most of the queries but couple of queries don't work sometimes (random). I don't get any errors or any data.
We switched on the Oracle auditing to find out the queries being sent to oracle db. We can see all the queries in the Audit log. Is it possible to configure Auditing to get the "Number of Rows" returned by Select statements so that we can be sure that some data was returned.