Sunday, February 14, 2010

Audit Vault

Audit Vault

Components of Oracle Audit Vault


  • Source Databases
  • Oracle Audit Vault Server
  • Audit Vault Collection Agent and Collectors


Source Databases
A source database is a database from which Oracle Audit Vault collects audit data.
Oracle Audit Vault can collect this audit data from the internal audit trail tables and
operating system audit trail files of a source database.
Supported Database Versions:
Oracle Database For the OSAUD and DBAUD collector types: Releases
9.2.x, 10.1.x, 10.2.x, and 11.x
For the REDO collector type: Enterprise Edition
Releases 9.2.0.8, 10.2.0.3, 10.2.0.4 and later, 11.1.0.6 and later, and 11.2 for the REDO collector type
Oracle Audit Vault Server
The Oracle Audit Vault Server contains the tools necessary to configure Oracle Audit
Vault to collect audit data from your source databases. The Audit Vault Server also
contains an Oracle database, and makes it available to reporting tools through a data
warehouse.
What Are Collection Agents and Collectors?
A collector retrieves the audit trail data from a source database and sends it to the
Audit Vault Server. The collection agent manages the collectors. The collectors send
both valid and invalid audit records, get configuration information, and send error
records using Oracle Call Interface (OCI) and JDBC password-based authentication. If
the collection agent is stopped, then the source database will still create an audit trail
(assuming auditing is enabled). The next time you restart the collection agent, then
Oracle Audit Vault retrieves the audit data that had been accumulating since the agent
was stopped.
You configure one collection agent for each host and one or more collectors for each
individual source database. For example, if a host contains four databases, then you
would configure one collection agent for that host and one or more collectors for each
of the four databases. The number of collectors that you configure and the collection
agent that you use to manage them depends on the source database type and the audit
trails that you want to collect from it.
Oracle Audit Vault Collection Agent Prerequisites:

  • The system must meet the following minimum hardware requirements:
  • At least 512 MB of available physical memory (RAM)
  • Swap space of 1024 MB or twice the size of RAM
  • 400 MB of disk space in the /tmp directory
  • 1 GB of disk space is required for the Oracle Audit Vault collection agent software.

Oracle Audit Vault Server Prerequisites: (for Linux)


  • At least 1 GB of physical RAM.
  • The following table describes the relationship between installed RAM and the configured swap space requirement.
  • Up to 512 MB 2 times the size of RAM
  • Between 1024 MB and 2048 MB 1.5 times the size of RAM
  • Between 2049 MB and 8192 MB Equal to the size of RAM
  • More than 8192 MB 0.75 times the size of RAM


  • 400 MB of disk space in the /tmp directory.
  • 4 GB of disk space for the Oracle Audit Vault Server software.
  • 1.6 GB of additional disk space for the Audit Vault Server database files in the
  • Oracle Base. This is only if the database storage option is on the file system. For other storage options, such as ASM, the database files will be stored elsewhere.

Also, this 1.6 GB disk space is only the starting size.

Oracle Audit Vault Server Prerequisites: (for AIX)


  • At least 1024 MB of physical RAM. The following table describes the relationship between installed RAM and theconfigured swap space requirement.
  1. Between 1024 MB and 2048 MB 1.5 times the size of RAM
  2. Between 2049 MB and 8192 MB Equal to the size of RAM
  3. More than 8192 MB 0.75 times the size of RAM


  • 400 MB of disk space in the /tmp directory.
  • 8 GB of disk space for the Oracle Audit Vault Server software.
  • 1.8 GB of additional disk space for the Audit Vault Server database files in the
  • Oracle Base. This is only if the database storage option is on the file system. For other storage options, such as ASM, the database files will be stored elsewhere.

Also, this 1.8 GB disk space is only the starting size. The Oracle Audit Vault
administrator must take future growth of the database size into consideration,
especially as the server collects more and more audit data.

Administrative Tools for Managing Oracle Audit Vault:
You can use the following tools to administer Oracle Audit Vault:
Audit Vault Console. This graphical user interface provides most of the
functionality that you need to administer Oracle Audit Vault.
Audit Vault Configuration Assistant (AVCA) command-line utility. Use AVCA to
perform operations such as adding, deploying, and dropping agents, or managing
wallets.
Audit Vault Control (AVCTL) command-line utility. Use AVCTL to load, refresh,
start, and stop Oracle Audit Vault collection agents and collectors. You also can
load and purge data in the Oracle Audit Vault data warehouse with this utility.
Audit Vault Oracle Database (AVORCLDB) command-line utility. Use
AVORCLDB to configure Oracle Database source databases with Oracle Audit
Vault.

Oracle Audit Vault Steps:

  • Create a User Account on the Oracle Source Database
  • Verify That the Source Database Is Compatible with the Collectors
  • Register the Oracle Source Database with Oracle Audit Vault
  • Add the Oracle Collectors to Oracle Audit Vault
  • Enable the Audit Vault Agent to Run the Oracle Database Collectors
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)