Capture Login Of Terminal In Audit Trail When Login Through Grid?
May 15, 2013
I am trying to understand how to enable some audit so we can capture OEM logins as well.
Here is my setup. Lets say my DB that i am auditing is called audit_db (audit trail set to DB) sitting on host called host_db. and we have grid control agent on this box.now my grid control is as this. Lets say my OMS and repository is on host called OMS_host.
we run query aginst dba_audit_session to get info as to who tried failed login attemps and stuff.
Now to the part that is not working.
-- this is the good part When i intentionaly login to the audit_db with sqlplus client from my laptop with wrong username/password that is captured. we get the username,os_username,userhost,terminal.
here is the sample output
username is the wrong user that i tried to login as
os_username is the my local username(ad account)
userhost is my_laptop_name
terminal is laptop_name
from above we can figure who was trying to login(failed).
-- this is the bad part But lets say i try to login to audit_db through grid control and use wrong username/password.that gets captured too(but not all of it). we get the username,os_username,userhost,terminal.
here is the sample output
username is the wrong user that i tried to login as
os_username is the user of OMS repository db(oracle)
userhost is oms_host
terminal is unknown
Now with the above info, we cannot figure out who tried to login with bad login credential.
I am using the below code to capture all important logs when user failed to login on database , but i cant capture the username which are failing to connect on database.
CREATE OR REPLACE TRIGGER failed_logon_notifications AFTER SERVERERROR ON DATABASE
When i try to login into em it always give - [URL]... dba role is granted to the user and i have verified the passoword . I even tried with system user and it gave me same error.
Validation Error
Examine and correct the following errors, then retry the operation:Host Credentials - Connection to host as user system failed: ERROR: Wrong password for user
I am trying to setup logon/logoff auditing for our databases which reside in 9i and 10G on sun solaris servers. I am asked to turn on auditing sending the audit data to syslog! How exactly do you do that?
In Oracle Database 11.2.0.2, to delete audit trails after the audit records have been inserted into Oracle Audit Vault, is it necessary to schedule Oracle Audit Vault jobs to clean up audit trails on a scheduled basis, or AV automatically cleans up audit trails after the audit records have been inserted into the Audit Vault? I know there is a DBMS_AUDIT_MGMT package, but in 11gR2, the deletion of audit trails isn't done automatically?
I installed Audit Vault Server 12 (not install firewall) in a oracle linux vmware and activated an agent for Oracle 11g release 2 in windows 7 x64 vmware according to Oracle® Audit Vault and Database Firewall Installation Guide and Administrator’s Guide Release 12.1.0 as follows:
1) ALTER SYSTEM SET AUDIT_TRAIL=XML, EXTENDED SCOPE=SPFILE; Database restart
2) Register the Oracle Database Host Machine
3) Deploy Agent and Request Activation on the Host Machine
4) Create user accounts on the secured targets and set up Oracle AVDF user privileges on an Oracle Database secured target.
5) Register Secured Targets in the Audit Vault Server with user acount of stpe 4:jdbc:oracle:thin:@//IP:1521/orcl
6) Configure an Audit Trail in the Audit Vault Server : TABLE - sys.aud$ or DVSYS.audit_trail$, DIRECTORY - directory of audit trail xml saved.
I turned off firewall just in case.Administrator web page of AVDF showed only messages of "request completed" after configuring an audit trail in the Audit Vault Server.But, collection state was a red downward arrow, and even auditor web page showed same state.I couldn't show audit trails in the auditor web page.
in my environmnet audit is working audit_trail=db,extended . i am also viewing report of audit trail from dba_audit_trail or aud$. But problem is that i have to generate report on which object of schema what audit is running .
or from which tables we can get information of following commands.
AUDIT ALL BY xx_test BY ACCESS; AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE, DELETE TABLE BY xx_test BY ACCESS; AUDIT EXECUTE PROCEDURE BY xx_test BY ACCESS;
I am using oracle developer 10g. I want to know the status of the printer where i want to print. If the running report is printing or in queue then a record is to be inserted into a table as audit-trail of printing. Idon't want to do it manually.
[oracle@RSASPGERP02 ~]$ cd / [oracle@RSASPGERP02 ~]$ . .bash_profile [oracle@RSASPGERP02 ~]$ sqlplus / as sysdba sql*plus:Release 10.2.0.4.0 - production Error: ORA-09925:Unable to create audit trail file
[code]....
its standby archieving problem ,the problem appears when try to connect directly or through telenet and we try to login directly using oracle user we receving following message and login fail, "GDM could not write to your authorization file,this could mean that you are out of disk space or that your home directory could not be opened for writting"
I am trying to login through front end application. I am getting the error login failed.
I tried to login from back end using same USERID and password. In the login page it's asking for EDUSERID and password. I tried to connect from backend to the database using same EDUSERID and password and it's working fine. But why from front end application I am unable to login.
How to disable a user's sql login? To ellaborate, I want a user to login through a certain application only with his userid on database level & not through "sqlplus username@dbname".
Is it possible? If no, then what can be done to achieve below.
I have a userid which has all the update, delete privileges on it. That id needs to be configured in the application alongwith the password. So in order to avoid misuse of that id I want to block its sql access.
I am not sure whether this can be achieved or not.
I need to design my login form to be able to connect to different database environment (Env1 and Env2).When the login form is loaded it is already connected to Env1, after the user enters his login details he has option to continue with Env1 or connect to Env2.I used the "Logout;" to disconnect from already connected Env1 and used "Logon(<username>,<pwd>@<Db instance>);" but i see that the form will connect to Env1 irrespective of what environment credentials i provide in Logon. how i can disconnect from Env1 and connect to Env2. Is this possible?
I am new to Oracle and I have just installed 11g on my 64-bit laptop and after downloading and installing SQL Developer I can nolonger log in using DBSNMP and my specified password both from SQL PLUS or Developer retaining this error message : ERROR: ORA-01033: ORACLE initialization or shutdown in progress.
SQL> connect / as sysdba ERROR: ORA-01031: insufficient privileges
sqlnet.ora text:
# This file is actually generated by netca. But if customers choose to # install "Software Only", this file wont exist and without the native # authentication, they will not be able to connect to the database on NT. #SQLNET.AUTHENTICATION_SERVICES = (NTS) SQLNET.INBOUND_CONNECT_TIMEOUT=1
I have a problem to login on my database 11.1.0.7 on linux 64. It were migrated from 9.2.0.4 and everything was fine but now I am not able to connect to database.
Only one way when I can connect is when the database is started in RESTRICTED mode and I cold login under sys (sysdba).
But when i leave this mode, nobody can connect . sqlplus is freeze and I have to kill that session. What could be a reason? Any parameters? It's strange for me because It was working..
"C:UsersKarthikeyan>sqlplus / as sysdba SQL*Plus: Release 12.1.0.1.0 Production on Sat Sep 7 17:42:37 2013 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR:ORA-12560: TNS:protocol adapter error Enter user-name:"
this is the first time i tried to open sql*plus and i didn't create any database connection before....so i don't have any username and password.......
I have a mainform through which one can access 3 different application(say a ,b,c)i have made three push buttons by clicking it the main menu of the respeective application is called.The three applcication have different users(user a,user b,userc)and have different database on the same version(db1,db2,db3 on 111g).I am using formservlet and i am calling the main form. configuration.I dont want the user to enter the username and password so i have hardcored it in formsweg.cfg file. my problem is that i login to the main form as 'user a' so i can access the application'a'.but now if i want to access applicatin 'b' how can i can i login as 'user b'?
When I run sqlplus and try to loging as system/<admin passwd> I get information:
ERROR: ORA-01034: ORACLE not available ORA-27101: shared memory realm does not exist Linux-x86_64 Error: 2: No such file or directory Process ID: 0 Session ID: 0 Serial number: 0
I understand, that this is a common question and the common answer is don't have trailing slash in ORACLE_HOME and set ORACLE_SID. But I did this.
How can we create a user such that he can login only at a particular time of the day . if he try's to login other than the Time assigned ,shouldn't allow.
