
Monday, August 22, 2022

Oracle Audit Vault and Database Firewall (AVDF) 20.7 - Part 2

Agent installation for Oracle Database 


----Install Agent 

Step#1

chown oracle:oinstall agent.jar

export JAVA_HOME=$ORACLE_HOME/jdk

export PATH=$JAVA_HOME/bin:$PATH


Step#2

Make directory:

/u01/app/oracle/avdf_agent


Step#3

Download the agent.jar file from the AVDF console



Step#4

[oracle@billdb jdk]$ cd /u01/app/oracle/avdf_agent

[oracle@billdb avdf_agent]$ java -jar agent.jar -d /u01/app/oracle/avdf_agent

Agent installed successfully.

If deploying hostmonitor please refer to product documentation for additional installation steps.

[oracle@billdb avdf_agent]$


Start agent:
Use the activation key mentioned in step#3

BILLDB::OIX2-KFAA-IY8M-PLW#-0SA9

[oracle@billdb bin]$ ./agentctl start -k
Enter Activation Key:
Checking for updates...
Agent is updating. This operation may take a few minutes. Please wait...
Agent updated successfully.
Agent started successfully.
[oracle@billdb bin]$


Verify agent status:
[oracle@billdb bin]$ pwd
/u01/app/oracle/avdf_agent/bin
[oracle@billdb bin]$ ./agentctl status
Agent is running.
[oracle@billdb bin]$


Step#5
Log in as superuser and verify agent status





Step#6
Perform the steps below in the target DB (BILLDB)

sqlplus / as sysdba

create user avdfuser identified by Oracle_123;


[oracle@billdb config]$ pwd
/u01/app/oracle/avdf_agent/av/plugins/com.oracle.av.plugin.oracle/config
[oracle@billdb config]$ sqlplus / as sysdba
Version 19.3.0.0.0

SQL> show user
USER is "SYS"
SQL> show parameter db_name

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
db_name                              string      billdb

--SETUP for granting Audit Collection and Audit Policy Management privileges
SQL> start /u01/app/oracle/avdf_agent/av/plugins/com.oracle.av.plugin.oracle/config/oracle_user_setup.sql AVDFUSER SETUP

Session altered.

Enter username for granting privileges:
Setting username to 'AVDFUSER'

Enter mode (SETUP/SPA/ENTITLEMENT):
SETUP for granting Audit Collection and Audit Policy Management privileges
SPA for granting Stored Procedure Auditing privileges
ENTITLEMENT for granting Entitlement retrieval privileges
Setting mode to 'SETUP'

Granting privileges to "AVDFUSER" ... Done.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.3.0.0.0
[oracle@billdb config]$ 



--SPA for granting Stored Procedure Auditing privileges
[oracle@billdb config]$ sqlplus / as sysdba
SQL> start /u01/app/oracle/avdf_agent/av/plugins/com.oracle.av.plugin.oracle/config/oracle_user_setup.sql AVDFUSER SPA

Session altered.

Enter username for granting privileges:
Setting username to 'AVDFUSER'

Enter mode (SETUP/SPA/ENTITLEMENT):
SETUP for granting Audit Collection and Audit Policy Management privileges
SPA for granting Stored Procedure Auditing privileges
ENTITLEMENT for granting Entitlement retrieval privileges
Setting mode to 'SPA'

Granting privileges to "AVDFUSER" ... Done.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.3.0.0.0



--ENTITLEMENT for granting Entitlement retrieval privileges
[oracle@billdb config]$ sqlplus / as sysdba

SQL> start /u01/app/oracle/avdf_agent/av/plugins/com.oracle.av.plugin.oracle/config/oracle_user_setup.sql AVDFUSER ENTITLEMENT

Session altered.

Enter username for granting privileges:
Setting username to 'AVDFUSER'

Enter mode (SETUP/SPA/ENTITLEMENT):
SETUP for granting Audit Collection and Audit Policy Management privileges
SPA for granting Stored Procedure Auditing privileges
ENTITLEMENT for granting Entitlement retrieval privileges
Setting mode to 'ENTITLEMENT'

Granting privileges to "AVDFUSER" ... Done.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.3.0.0.0



Step#7

select granted_role from dba_role_privs where grantee='AVDFUSER';
GRANTED_ROLE
--------------------------------------------------------------------------------
AUDIT_ADMIN
AUDIT_VIEWER
RESOURCE


select privilege from dba_sys_privs where grantee='AVDFUSER';
PRIVILEGE
----------------------------------------
AUDIT ANY
AUDIT SYSTEM
CREATE SESSION
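
A repeatable version of the Step#7 check, as an added example that is not part of the original post: it compares the roles and system privileges returned for AVDFUSER with the baseline listed above and reports anything extra or missing. The function names and the drift sample are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Baseline = Step#7 output above.
EXPECTED_GRANTS='AUDIT_ADMIN
AUDIT_VIEWER
RESOURCE
AUDIT ANY
AUDIT SYSTEM
CREATE SESSION'

# Constructed sample: SQL*Plus output with one extra role and one grant missing.
SAMPLE_DRIFT='GRANTED_ROLE
--------------------
AUDIT_ADMIN
AUDIT_VIEWER
DBA
RESOURCE

PRIVILEGE
--------------------
AUDIT ANY
CREATE SESSION'

# Strip headings, underlines, prompts and feedback; print one grant per line.
normalize_grants() {
    awk '{ sub(/[ \t\r]+$/, ""); sub(/^[ \t]+/, "") }
         $0 == "" || /^-+$/ || /^SQL>/ { next }
         /^(GRANTED_ROLE|PRIVILEGE)$/ || /rows? selected\.$/ { next }
         { print toupper($0) }' | sort -u
}

# $1 = raw query output. Prints EXTRA:/MISSING: lines; returns 1 on any drift.
audit_grants() {
    report=$(
        { printf '%s\n' "$EXPECTED_GRANTS" | normalize_grants
          echo '--'
          printf '%s\n' "$1" | normalize_grants; } |
        awk '$0 == "--" { actual = 1; next }
             !actual    { want[$0] = 1; next }
             { have[$0] = 1; if (!($0 in want)) print "EXTRA: " $0 }
             END { for (g in want) if (!(g in have)) print "MISSING: " g }' | sort
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

audit_grants "$SAMPLE_DRIFT" || echo "AVDFUSER grants differ from the Step#7 baseline"
```

Any line the parser does not recognise, such as an ORA- error, is reported as EXTRA, so a failed query never passes as a clean result.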



Step#8

col owner format a10
col table_name format a15
col tablespace_name format a12
col interval format a20
set lines 300
select owner,table_name,interval,partitioning_type,partition_count,def_tablespace_name from dba_part_Tables where owner='AUDSYS';


SQL> create tablespace avdf_aud_data
datafile '/u01/app/oracle/oradata/BILLDB/avdf_aud_data01.dbf' size 2048m;

BEGIN
DBMS_AUDIT_MGMT.SET_AUDIT_TRAIL_LOCATION(
audit_trail_type => dbms_audit_mgmt.audit_trail_unified,
audit_trail_location_value => 'AVDF_AUD_DATA');
END;
/


BEGIN
DBMS_AUDIT_MGMT.INIT_CLEANUP(
AUDIT_TRAIL_TYPE => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL,
DEFAULT_CLEANUP_INTERVAL => 1 );
END;
/

BEGIN
DBMS_AUDIT_MGMT.CREATE_PURGE_JOB (
AUDIT_TRAIL_TYPE => DBMS_AUDIT_MGMT.AUDIT_TRAIL_ALL,
AUDIT_TRAIL_PURGE_INTERVAL => 1,
AUDIT_TRAIL_PURGE_NAME => 'CLEANUP_OS_DB_AUDIT_RECORDS',
USE_LAST_ARCH_TIMESTAMP => TRUE );
END;
/

PL/SQL procedure successfully completed.

SQL> select owner,table_name,interval,partitioning_type,partition_count,def_tablespace_name from dba_part_Tables where owner='AUDSYS';
AUDSYS     AUD$UNIFIED     INTERVAL '1' MONTH   RANGE             1048575 AVDF_AUD_DATA


Step#9

Log in as superaudit user









Step#10

Issues Faced:
Retrieving Audit Setting Using AVDF Fails With 'Failed to connect to DB' Error (Doc ID 2589826.1)

Added target DB tns entry in AVDF Appliance machine.

1. Connect to the AV Server "support" account via a terminal session (like putty)
2. Execute: su - root
3. Execute: su - oracle
4. Execute: /usr/local/dbfw/bin/javafwk stop
5. Execute: /usr/local/dbfw/bin/javafwk start
6. Check to see if a java process is executing: ps -ef | grep java
7. If there is a java process, go to step 9
8. If there is no java process, please create a Service Request with Support.
9. Connect to the AV Console as the AV Admin and stop and start the AV Audit Trails.





