Generating Security Events for Auditing Purposes

Hello! What I’m writing about today concerns generating events in the Security Log on Win2008 R2 for auditing purposes. Information on this specific action is fairly scarce online, from what I’ve seen, after some extensive searching.
If there were a utility that would facilitate this, that would be ideal, but I’m not seeing anything of that nature. I see that there are some APIs (e.g. AuthzReportSecurityEvent) that allow this sort of thing, but I’m not quite sure where to start with those.
I pick up most programming things pretty quickly, but I’ve not done anything with C# or .NET before.
My initial thought was to use eventcreate and write a simple batch file to generate a bunch of events, but eventcreate turned out to be a dead end, since I need to audit occurrences of lots of events in the 4XXX range, like 4726.
I then tried PowerShell (New-EventLog -LogName Security -Source "TEST" then
Write-EventLog -LogName Security -Source "TEST" -EntryType Information -EventID 1 -Message "TESTING") but with the Security log being locked down that won’t fly.
I tried giving myself full rights on the eventlog registry key and the security key specifically, but that didn't work. Is there something obvious that I'm missing?
If I need to call the APIs with a script or application of some sort (ideally a script), I can look into that, but I’m afraid that I’m rather puzzled on how to start.
Thank you very much for your time!

Hi,
If you want to get a scripting solution, I would suggest you refer to
The Official Scripting Guys Forum to get professional support:
The Official Scripting Guys Forum
http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?forum=ITCG
In addition, you can also configure email notifications on specific event IDs:
Getting event log contents by email on an event log trigger
http://blogs.technet.com/b/jhoward/archive/2010/06/16/getting-event-log-contents-by-email-on-an-event-log-trigger.aspx
E-mail Notification of Security events
http://social.technet.microsoft.com/Forums/windowsserver/en-US/37a54113-e53f-4024-ae4b-59ab18be62fd/email-notification-of-security-events?forum=winserverDS
Best Regards,
Amy Wang
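
For testing audit collection of an event such as 4726, one option on a lab machine is to perform the audited action itself so that Windows writes the genuine record, instead of writing to the Security log directly. The script below is an added example, not code from either poster. It assumes an elevated prompt, an English-language member or standalone server (not a domain controller), and a hypothetical throwaway account name.

```powershell
# Added example: run from an elevated PowerShell prompt on a lab server.
$TestUser = 'audit-test-4726'                        # hypothetical throwaway account name
$Password = [guid]::NewGuid().ToString() + 'aA1!'    # constructed one-off password
$Start    = Get-Date

# 1. Audit successful account-management actions
#    (the subcategory that logs 4720 "created" and 4726 "deleted").
auditpol /set /subcategory:"User Account Management" /success:enable | Out-Null

# 2. Perform the audited action for real: create a local account, then delete it.
$computer = [ADSI]"WinNT://$env:COMPUTERNAME,computer"
$user = $computer.Create('User', $TestUser)
$user.SetPassword($Password)
$user.SetInfo()                                      # account created -> 4720
$computer.Delete('User', $TestUser)                  # account deleted -> 4726

# 3. Read back what the Security log recorded since $Start.
Start-Sleep -Seconds 2
$filter = @{ LogName = 'Security'; Id = 4720, 4726; StartTime = $Start }
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

$events | Sort-Object TimeCreated | ForEach-Object {
    # The first line of the rendered message is the event title.
    '{0:u}  {1}  {2}' -f $_.TimeCreated, $_.Id, ($_.Message -split "`r?`n")[0]
}

if (-not ($events | Where-Object { $_.Id -eq 4726 })) {
    Write-Warning 'No 4726 recorded: check that Group Policy is not overriding the audit setting.'
}
```

The audit subcategory stays enabled after the run; `auditpol /get /subcategory:"User Account Management"` shows the current setting.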

Similar Messages

  • Security tools for audit and penetration testing weblogic server 10.3.5.0 and other

    hi all
    Is it possible to please introduce me to the best software for auditing and penetration testing on WebLogic Server 10.3.5 (scanning the machine to find vulnerabilities and insecure configuration in WebLogic Server)?
    thanks for your attention
    good luck

    This is a good one
    IBM developerWorks : Download : IBM Security AppScan V8.8

  • ADF View Objects and Recording changes for Auditing Purposes

    Hello,
    I am new to the JDeveloper paradigm and currently working on a J2EE web pilot project. I was wondering if I could get some ideas on how I could implement auditing in an application. Basically when a user modifies some entries on the screen, I would like to make a note of what the record was like before committing to the database. An administrator could then see what changes the record has been through over a period of time.
    I was thinking of using XMLTypes with the database. Does JDeveloper handle Oracle XMLType fields, or would I be looking at something along the lines of a CLOB? At this point, I would rather not implement this functionality using database triggers. Any alternate suggestions would be appreciated.
    Regards
    Anora April…
    Jdeveloper 10.1.2 (1811)
    Oracle DB 10g 10.1.2

    Hi,
    I am also interested in a best-practice note from Oracle.
    Currently we store history in separate history tables for columns that changed. All this is implemented in our BaseEoImpl, overriding EntityImpl.prepareForDML().
    Thanks

  • Is there a list of the sound-generating System events for OS X? How to tweak?

    I work with a community with some minor physical and visual impairments. I have limited current OS X experience, and I am volunteering on their behalf. But this question is not directly about OS X assistive technologies. Right now, we would just like to add more+additional sound effects than seems to be the default for OS 10.8.
    In particular we would like:
    A loud sound when a USB device has become unplugged (when plugged in would be nice as well.)
    A clear sound when a password has been entered incorrectly.
    One of my users swears these sound events are already in there, and I am inclined to believe her. But confirming this is difficult on Mac OS 10.8.4. The “Sound Effects” dialog in the System Preferences only seems to be for alerts.
    So two questions:
    What are all the system sound events in OS 10.8.4?
    How can we configure the sounds that are played for individual events?
    Thank you!

    Growl.info and HardwareGrowler can play sounds when hardware is attached/removed.
    Unplugged can tell you if your laptop power adaptor has been plugged in or unplugged.

  • Extract Usage Report for audit purpose

    Hi All,
    I want to extract system usage report for SAP eSourcing system ..
    for example:
    names of all of the individuals who have logged into the system within a particular timeframe...
    thanks in advance...

    Hi Andrzej
    USR02 will not capture situations whereby a user was created and then deleted within the time frame
    SUIM user change documents would capture user creation in a system.
    Regards
    Colleen

  • Generating many events for a dial control

    I want to fire events when the value of dial control increases to say 10, 20,30 so on. But I can only have one event per control. Is it possible to achieve this
    Kind Regards
    Austin

    Austin,
    If I'm interpreting your request correctly I think your best bet is to just use the value changed event and then use a case structure to determine which value the dial has changed to.
    Something like this:
    Hope this helps.
    Regards,
    Simon

  • Re: Generating Security files for BIAPPS ODI in linux

    Hi,
          Did you have to make any additional settings after installing ODI? I mean, I've installed OBIEE, ODI (just with Java EE components and BI Apps).
          When I ran configApps.sh I got the following error at the Configuring ODI step:
    configure_odi: Problem invoking WLST - Traceback (innermost last):
    configure_odi:   File "/u01/app/oracle/OBIEE/Oracle_BI1/bifoundation/install/configure_odi.py", line 261, in ?
    configure_odi:   File "/u01/app/oracle/OBIEE/Oracle_BI1/bifoundation/install/configure_odi.py", line 206, in _configureOdiDwIntegration
    configure_odi:  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    configure_odi:  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    configure_odi:  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    configure_odi:  at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
    configure_odi:
    configure_odi: java.lang.Exception: java.lang.Exception: DW_FILE data server update failed with return code: 1
    configure_odi:
    java.lang.Exception: java.lang.Exception: WLST Script task failed with status 1
            at oracle.as.install.biapps.biappsconfig.standard.ODIConfigTask.doExecute(ODIConfigTask.java:65)
            at oracle.as.install.bi.biconfig.standard.AbstractProvisioningTask.execute(AbstractProvisioningTask.java:70)
            at oracle.as.install.bi.biconfig.standard.StandardProvisionTaskList.execute(StandardProvisionTaskList.java:66)
            at oracle.as.install.bi.biconfig.BIConfigMain.doExecute(BIConfigMain.java:113)
            at oracle.as.install.engine.modules.configuration.client.ConfigAction.execute(ConfigAction.java:375)
            at oracle.as.install.engine.modules.configuration.action.TaskPerformer.run(TaskPerformer.java:88)
            at oracle.as.install.engine.modules.configuration.action.TaskPerformer.startConfigAction(TaskPerformer.java:105)
            at oracle.as.install.engine.modules.configuration.action.ActionRequest.perform(ActionRequest.java:15)
            at oracle.as.install.engine.modules.configuration.action.RequestQueue.perform(RequestQueue.java:96)
            at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:186)
            at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81)
            at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:86)
            at java.lang.Thread.run(Thread.java:662)
    Caused by: java.lang.Exception: WLST Script task failed with status 1
            at oracle.as.install.bi.biconfig.standard.WLSTScriptTask.doExecute(WLSTScriptTask.java:119)
            at oracle.as.install.biapps.biappsconfig.standard.ODIConfigTask.doExecute(ODIConfigTask.java:62)
            ... 12 more
          Is it related to creating some credentials for ODI in WLST?
    thanks

    Hi ,
    I was using a  wlst.sh from wrong location .( /u01/app/oracle/Middleware/wls)
    I have to use middleware/Oracl_BI1/common/bin   wlst.sh.
    Thanks
    Venkat

  • Using the Audit Provider to log ejb security events

    I would like to use the audit provider to log security events for ejbs that use container managed security. Specifically I want to record the name of the ejb being accessed, the method the user is accessing, the time of the event and the user name of the user who is accessing the ejb. So far I have created an ejb that has method-permissions defined in the ejb-xml file. I have a number of users with different levels of permissions and the security is working. I have also installed the example Audit class that is shipped with weblogic. I am getting Audit info in the log file, but I do not get any ejb info being logged. Is it possible to use the Audit provider that weblogic provides to audit ejb security events? Do I need to do something special to make this work? Please help, I can not find any documentation about what the audit provider logs.

    Actually I never tried to log in to the provider, but I understand you just need the keys.
    Try this code, it works for me (some pieces are missing, but this is the core)
        // Imports this fragment needs (SunPKCS11 constructor as used on Java 8 and earlier)
        import java.security.*;
        import java.security.cert.Certificate;
        import sun.security.pkcs11.SunPKCS11;

        Provider provider = null;
        provider = new SunPKCS11(providerFile);   // providerFile is a String
        Security.addProvider(provider);
        KeyStore store = KeyStore.getInstance("PKCS11");
        char[] pin = pinAsString.toCharArray();
        store.load(null, pin);
        PrivateKey key = (PrivateKey) store.getKey(alias, null);
        Certificate[] chain = store.getCertificateChain(alias);
        .....
    Using this approach I managed to read all the information from the provider (aliases, certificates, ...). I'm not sure that's what you needed, but I hope it helped.

  • Generating a Report in Special Purpose Ledger

    Hi,
    Currently I am using K4 as the fiscal year variant, and for the special purpose ledger I am using V3 as the fiscal year variant. However, all documents are getting posted in the relevant period. Suppose it is the 1st period for financial accounting, then it will be the 10th period for the special purpose ledger.
    However, when I executed the transaction for generating the report for the special purpose ledger, it is not generating the report.
    Thanks
    Avinash

    Hi
    The Special purpose ledger is configured to store the data in transaction currency as well. We have configured it to store data in transaction currency, local currency and group currency.
    Thanks!
    AJ

  • How to generate key events programmatically

    Hello friends,
    I am developing an application that would automatically trigger some keyboard events. For this purpose I would like to trigger an event like alt+f4, i.e. pressing alt+f4 together.
    How can we do this using Java?
    regards
    hari

    You should be able to use the java.awt.Robot class to perform programmatic UI events.
    It doesn't seem that it permits us to do things like keyPress("alt-f4") so you might have to do something like this:
    // needs: import java.awt.Robot; import java.awt.event.KeyEvent;
    Robot robot = new Robot();            // throws java.awt.AWTException
    robot.keyPress(KeyEvent.VK_ALT);      // hold Alt
    robot.keyPress(KeyEvent.VK_F4);       // press F4 while Alt is down
    robot.keyRelease(KeyEvent.VK_F4);
    robot.keyRelease(KeyEvent.VK_ALT);
    Hope this helps.

  • Reports for Audit

    Dear All,
    Please tell me list of reports which are useful for audit purpose.
    Or
    Any other way where we find list of reports which are useful only for audit purpose.
    Regards,
    Mahesh Wagh

    Check this link http://www.saptechies.com/how-to-activate-the-img-change-log/

  • Callback functions to handle events for a specific system build block

    I have two questions about customized event handling in SystemBuild:
    1- The SystemBuild utility "sysbldEvent" can be used to specify additional actions for the "openblock" and "navigate" events. However, it will be applied to all SystemBuild blocks.
    Is there a way to limit its scope to a specific block or block type?
    This has been done for the Altia block (which is a customized UCB block) - a double-click will open a special dialog box. Is this feature implemented using publicly available systembuild features or there are other special features used?
    2- Is there any way to assign callbacks to other type of block events: copy, paste, etc ...
    Thanks.

    Farshid,
    There are a couple of options for creating custom dialogs/blocks.
    SysbldEvent can be used. As you noted it will generate an event for all the blocks. You can not generate an event only for a specific block. However the Xmath function has two values sent to it. One is the type of event (blockopen or navigate) and the blockId. You can use blockId together with SBA commands to find out which block generated the event. If it is a block that you are not interested in then return 0 and SystemBuild opens the normal dialog. If it is the right block then you can open your own dialog or perform whatever action is needed. Finally return a 0 if you want SystemBuild to still open the normal dialog, or you can return 1 and no dialog is opened.
    The Altia block is a custom block. It is a standard UserCode block that has been customized to have different default parameters and a different icon. In the SystemBuild editor (not catalog browser) select a block and then go to Edit>New Custom Block. The custom block can have a MathScript function associated with it that gets called when the block is created. For more information on custom blocks see chapter 18 of the SystemBuild Users Guide (Help>Search MATRIXx Bookshelf from Xmath).
    The final method is creating a component. For a component percent vars can remain internal or they can be available to the user. You can also provide a different set of parameters that are available to the user, and then provide equations for how they map to the internal percent vars. Information on Components is in Chapter 17 of the SystemBuild User's Guide.
    Carl L
    National Instruments

  • Portal Users name for auditing

    Hi,
    How can I get the name of portal users? Someone told me that there is some Portal_api through which I can get the Portal user, and then I can write custom code to insert that name for auditing purposes in the database table. Can anyone tell me what that Portal_api is? If anyone has done this before, can you explain it with some example?
    Your help in this matter will be highly appreciated.

    muhammad
    I can't tell you the exact name of any particular api but I can tell you where a good place to look.
    If you are familiar with any of the MONITOR functions on the Oracle main page, there is one sub category for "chart by user". The contents for these are located under the navigator -> contents -> monitor -> chart by user.
    I haven't drilled down far enough to find any specific calls, but since documentation seems so lacking for these things, I have to go find an example to take apart for the pieces I need.
    Hope this helps.
    Mike

  • Generate a Number for a already existing table with records

    Hi All,
    Is it possible to generate a number for a column in a table? The table already has 50,000 records. I have an empty column in which I want to generate a number sequentially for reference purposes.
    Can it be done?
    I was thinking of MERGE / rownum but I didn't get any possible solution out of it. Any suggestions?
    Thanks
    Ananda

    "I have a empty column in which I want to generate number sequentially for reference purpose"
    The following table content :
    Oracle
    DB2
    MSSQL
    Now, you have to put a kind of ID, but what row will get the 1st ? What row will get the 2nd ? etc.
    If you don't care, then sequence as suggested is your friend. Then, you could use also sequence for further insert.
    Nicolas.

  • Silently change combobox contents without generating an event

    How do I do the following code without generating an item selected event?
            employeeModel.removeAllElements();
            for (Employee employee : employeeList) {
                employeeModel.addElement(employee); // FIXME generates event at index 0
            }

    you change the combo's model
    here's a simple demo - click the button to change the model
    import javax.swing.*;
    import java.awt.*;
    import java.awt.event.*;
    class Testing extends JFrame
    {
      String[] numbers = {"1","2","3"};
      String[] letters = {"a","b","c"};
      JComboBox cbo = new JComboBox(numbers);
      public Testing()
      {
        setDefaultCloseOperation(EXIT_ON_CLOSE);
        setSize(400,100);
        setLocation(400,300);
        JButton btn = new JButton("OK");
        JPanel panel =new JPanel();
        panel.add(cbo);
        panel.add(btn);
        getContentPane().add(panel);
        pack();
        // print the selected index whenever an item event fires
        cbo.addItemListener(new ItemListener(){
          public void itemStateChanged(ItemEvent ie){
            if(ie.getStateChange() == ItemEvent.SELECTED){
              System.out.println(cbo.getSelectedIndex());}}});
        btn.addActionListener(new ActionListener(){
          public void actionPerformed(ActionEvent ae){
            //cbo.removeAllItems(); //these two lines generate item event
            //for(int x = 0; x < letters.length; x++) cbo.addItem(letters[x]);
            cbo.setModel(new DefaultComboBoxModel(letters));}});//this doesn't
      }
      public static void main(String[] args){new Testing().setVisible(true);}
    }
