How to secure our database

Please,
Working with standard Edition as well as Enterprise edition on oracle 10g, I need to come up with some security recommendations to my boss, so, does someone give me a nice link or something else where I can grab some information to prepare the documentation?
The environnement is on windws.
Thanks a lot for your valuable help

3360's second link is to a security checklist in the Oracle docs...
If you're looking for third party books, if you can get it, Pete Finnigan's Oracle Security Step-by-Step or David Knox's Effective Security by Design are excellent.
Be aware, though, that "securing a database" can be a huge topic depending on the precise attack vectors you're trying to thwart. I could easily rattle off a dozen different database features, products, and add-ons that are designed primarily to secure your database. Plus plenty of principles to keep in mind when you're designing secure applications. And plenty of configuration issues to deal with...
Justin
Message was edited by:
Justin Cave

Similar Messages

How to secure oracle database

how to secure oracle database,
I am having the oracle database which will be packed as package in a machine and will be delivered to client place , need to ensure that the client will not access the database by any means.
Even he breaks the password (he should not break but despite client has broken the password) and went inside the database, he should not be able to see the databases Procedures ,views,functions and triggers.
Can we Encrypt this,if so can client will be able to decrypt the same?
Is there a way to secure the database from the client not to access the database.
Thanks!

933663 wrote:
so how can i secure when there is an option to unwrap ,then there is no use in using the wrap right?Yes, because when there is a lock there is a key, when there is wrap there is unwrap, when there is encrypt there is decrypt. We can not be rest assure for hack the code. I think you should think and explore above security options which are provided by Oracle itself which have lock and key by Oracle itself; which i have mentioned in my previous post.
You just think that if that is that much easy and cheap, then why Oracle have developed above options/features by expending many dollors..!!!
Regards
Girish Sharma

How to secure our program working folder from other users and prog

i want to secure my programme from other user and admin

Yes that is always a good idea... Although you shouldn't do anything to upset your admin.

Securing our customer database

Please,
We're concerning about securing our database customer 10g/windows base
The fact is that we're not admin of the server(own by the customer), but databases within are installed and administered by us. but we need to secure:
1. our dump file ( now using windzip 11 with passwd)
2. data files as well as the whole database to prevent the server admin to connect to the database ( we remove admin user from ORA_DBA group and changed the SQLNET.AUTHENTIFICATION_SERVICES to NONE)
3. We also locked most of some default account
Does anyone have ideas on how we should control our database?
or a nice link related to database security or good book that I can Read?
Thank you

Certainly, it is pretty hard to protect your environment from the sysadmin in a windows or a unix like environment, since this role has access to every single byte in your database. It is pretty lengthy to try to explain a whole strategy to protect your environment, but at a glance it would be to classify your information and encrypt the most sensitive data. You can also, starting from 10gR2 use database backup encryption.
I suggest you to refer to the advanced security for further technical details:
Oracle® Database Advanced Security Administrator's Guide
10g Release 2 (10.2)
Part Number B14268-02
You may consider techniques such as using label security.
Oracle® Label Security Administrator's Guide
10g Release 2 (10.2)
Part Number B14267-02
There are many other advices you can read at the advanced security manual
~ Madrid
http://hrivera99.blogspot.com/

How to secure database

hi,
i newly joined a company, where i need to maintain oracle database running on linux system.
my worries are below.
1. how to secure sys user access
as we know sys can access via "/ as sysdba" from remote.
2. except application database user (like scott) developer doesn't have any other user password but except this is there any way developer or any other third person can access oracle database?
3. any recommendation from expert to secure database from unauthorized access?
linux redhat 5
and oracle 11g

user12187801 wrote:
hi,
i newly joined a company, where i need to maintain oracle database running on linux system.
my worries are below.
1. how to secure sys user access
as we know sys can access via "/ as sysdba" from remote.
2. except application database user (like scott) developer doesn't have any other user password but except this is there any way developer or any other third person can access oracle database?
3. any recommendation from expert to secure database from unauthorized access?
linux redhat 5
and oracle 11gonly allow DBA to log onto DB Server
This excludes *NIX System Adminsitrator, too!

How can i solve to secure the database Control ?

Hello Good Morning !
I have applied 10.2.0.4 patchset on 10.2.0.1 binary , finally i upgrade my database by DBUA
When checking upgradation result screen - which was showed by DBUA. (i am confused what i blue marked below)
i am pasting following below. please have a look blue marked.
Some information about the step is available.
Step Execution Information:
Post UpgradeEarlier persistent initialization parameter file (spfile) has been renamed to: /u01/app/oracle/product/10.2.0/db_1/dbs/spfileorcltest.ora.bak.
A persistent initialization parameter file (spfile) has been created at the following location: /u01/app/oracle/product/10.2.0/db_1/dbs/spfileorcltest.ora.
Enterprise Manager Configuration
Oracle Enterprise Manager configuration is upgraded.
Enterprise manager configuration succeeded with the following warning -
Error securing Database Control, Database Control has been brought up in non-secure mode.
To secure the Database Control execute the following command(s):
1) Set the environment variable ORACLE_SID to orcltest
2) /u01/app/oracle/product/10.2.0/db_1/bin/emctl stop dbconsole
3) /u01/app/oracle/product/10.2.0/db_1/bin/emctl config emkey -repos -sysman_pwd < Password for SYSMAN user >
4) /u01/app/oracle/product/10.2.0/db_1/bin/emctl secure dbconsole -sysman_pwd < Password for SYSMAN user >
5) /u01/app/oracle/product/10.2.0/db_1/bin/emctl start dbconsole
To secure Em Key, run /u01/app/oracle/product/10.2.0/db_1/bin/emctl config emkey -remove_from_repos -sysman_pwd < Password for SYSMAN user >
Go to top Initialization Parameter changes
database upgrade has been completed successfully, and the database is ready to use.
The following document describes important behavioral changes from previous database releases to the Oracle Database 10g release:
/u01/app/oracle/product/10.2.0/db_1/assistants/dbua/doc/help/DefaultBehaviorChangesin10g.html
select comp_name , version, status from dba_registry;
Initialization Parameter changes
The following changes have been made in the initialization parameters:Parameters Updated:
Name                                Old Value                             New Value
db_recovery_file_dest              /u01/app/oracle/flash_recovery_area    /u01/app/oracle/flash_recovery_area
db_recovery_file_dest_size        2147483648                              2147483648
Thanks in advance .

This means the the URL for database control will use the http protocol. To convert to the https protocol (using the included SSL certificate), use the steps documented above. Before doing so, pl review MOS Doc 1222603.1
HTH
Srini

How to verify if I have Oracle XML DB setup in our database?

We are currenlty on Oracle 9i 9.2.0.6.0 version. Is Oracle XML DB out-of-box with the 9i version or is there additional setup required?
I was looking at some commands from XML DB Dev Guide, some of them work but some didnt like ...there was no plsql package DBMS_XDB in my database

Hi
We are currenlty on Oracle 9i 9.2.0.6.0 version. Is
Oracle XML DB out-of-box with the 9i version or is
there additional setup required? It depends on how you created the database.
I was looking at some commands from XML DB Dev Guide,
some of them work but some didnt like ...there was no
plsql package DBMS_XDB in my databaseTo find out which options were installed you can run the following query:
select comp_name from dba_registryHTH
Chris Antognini
Troubleshooting Oracle Performance, Apress 2008
http://top.antognini.ch

How to recover the database when some of the archive log file get deleted.

I am facing a problem with Oracle database, which is related to archivelogs.
Our development database is running in archivelog mode, but we don't have backups scheduled and have no recovery catalog.
When the database was in running condition, disk got full, so some archivelogs were deleted manually.
After this they restarted the DB, and now DB is not coming up. Errors are as follows:
SQL> startup
ORACLE instance started.
Total System Global Area 1444383504 bytes
Fixed Size 731920 bytes
Variable Size 486539264 bytes
Database Buffers 956301312 bytes
Redo Buffers 811008 bytes
Database mounted.
ORA-01589: must use RESETLOGS or NORESETLOGS option for database open
SQL> alter database open resetlogs;
alter database open resetlogs
ERROR at line 1:
ORA-01113: file 1 needs media recovery
ORA-01110: data file 1: '/export/home/oracle/dev/ADVFRW/ADVFRW.system'
SQL> recover datafile '/export/home/oracle/dev/ADVFRW/ADVFRW.system'
ORA-00283: recovery session canceled due to errors
ORA-01610: recovery using the BACKUP CONTROLFILE option must be done
SQL> recover database using backup controlfile;
ORA-00279: change 215548705 generated at 09/02/2008 17:06:10 needed for thread
1
ORA-00289: suggestion :
/export/home/oracle/dev/ADVFRW/ADVFRW.archivelog1/LOG_ADVFRW_1107_1.ARC
ORA-00280: change 215548705 for thread 1 is in sequence #1107
Specify log: {<RET>=suggested | filename | AUTO | CANCEL}
/export/home/oracle/dev/ADVFRW/ADVFRW.archivelog1/LOG_ADVFRW_1107_1.ARC
ORA-00308: cannot open archived log
'/export/home/oracle/dev/ADVFRW/ADVFRW.archivelog1/LOG_ADVFRW_1107_1.ARC'
ORA-27037: unable to obtain file status
SVR4 Error: 2: No such file or directory
Additional information: 3
Specify log: {<RET>=suggested | filename | AUTO | CANCEL}
CANCEL
Media recovery cancelled.
SQL>
1. How to recover the database and bring it online
Any help will be highly appreciated.
With Regards
Hemant Joshi
Edited by: hem_Kec on Sep 7, 2008 9:07 AM

Hi,
Archive log files are the copies of redolog files.As redo log files are circularly overwritten,oracle generates archive log file of the corresponding redo logfiles being overwritten.So if you have a backup that dates back to 10 am in the morning and if your database creashed at 3 pm,you cannot use the redo log files alone as they have incomplete information.To completely recover the database upto 3 pm,you need archive log files generated between 10 am to 3 pm. In your case since you are missing one archive log file,you cannot perform complete recovery and hence would suffer data loss.

VB 2008, CR component and MS Acc: how to access with database(not user) pwd

These are the detail of the query:
1. MS Access 2003 and later database via OLE DB provide for entry of a u201Cdatabase passwordu201D to provide additional protection.
2. In VB 2005 and in VB2008 environment I have managed to establish a connection with a database password and open recordsets using ADO connection. See code below.
Note. stPassword is user password and stDBPassword is database password with the following code:
With cnn
          'set connection string
          .ConnectionString "Provider=Microsoft.Jet.OLEDB.4.0; Password=" & stPassword & ";Data Source=T:\CPI.mdb;User ID=" & stUser & ";Persist Security Info=False;" & "Jet OLEDB:System database=t:\cpi.mdw;Jet OLEDB:Database Password=" & stDBPassword
          .Open()
End With
3. When using Crystal Reports component supplied with VS 2008 I can only provide USER NAME and USER PASSWORD. No information is available how and where to enter DATABASE PASSWORD to the Crystal Reports component. As a result, Crystal Reports Viewer starts to run. Obviously access is denied because no DATABASE PASSWORD has been provided to the component. A common dialog comes up to enter database password.
4. User does not necessarily need know the DATABASE password and I am not interested in providing the database password to every user who runs reports. In this project database password serves as a form of protection from tampering with the database structure and contents through the use MS Access to access the database.
5. Here is the code to demonstrate logon via Crystal Component described above:
Imports CrystalDecisions.CrystalReports.Engine
Imports CrystalDecisions.Shared
And then in a sub:
    Dim cnnInfo As ConnectionInfo = New ConnectionInfo()
    'cnnInfo.DatabaseName = cnn.DefaultDatabase
    cnnInfo.UserID = stUser
    cnnInfo.Password = stPassword
No place to input DATABASE password!!!
Does anyone know how can I input database password or provide a connection string or maybe ADO connection object which is opened within the project code.

It seems like it is not possible to set the DB level password with the CR Visual Studio bundled version (as stated in the following KB c2010267). You would need to use the full version, and use the code below:
Symptom
A VB .NET application uses Crystal Reports for Visual Studio .NET as the reporting development tool.
A report is created that connects to a password protected Microsoft Access Database.
How do you pass a password (for database level security) or a password and user ID (for user level security) at runtime using the different connection methods(Native/ODBC/OLEDB)?
Resolution
To pass the database level password or a user level
userid/password at runtime, use the following code
sample:
'Add the following namespaces to the top of the code
'page
Imports CrystalDecisions.CrystalReports.Engine
Imports CrystalDecisions.Shared
Dim crReportDocument As New ReportDocument()
Dim crConnectionInfo as New ConnectionInfo
Dim crtableLogoninfo As New TableLogOnInfo()
Dim CrTables As Tables
Dim CrTable As Table
crReportDocument = New CrystalReport1()
With crConnectionInfo
<**Insert code from below depending on the type of
connection and the version of Crystal Reports you are
using**>
End With
CrTables = crReportDocument.Database.Tables
For Each crTable in crTables
crTableLogonInfo.ConnectionInfo =
crConnectionInfo
CrTable.ApplyLogOnInfo(crTableLogOnInfo)
Next
CrystalReportViewer1.ReportSource =
crReportDocument
Database Level Security
" For Native and ODBC connections, use the following
code:
.Password = "Password"
" For OLEDB connections, use the following code:
.Password = chr(10) + "Password"
====================
NOTE:
You cannot set a database level password when
using Crystal Reports for Visual Studio .NET 2002 or
2003.
====================
User Level Security
" For ODBC and OLEDB connections, use the following
code:
.Password = "Password"
.UserID = "UserID"
For ODBC connections, in the ODBC data source, you
have to point the system database to the appropriate
MDW file. In addition, click the 'Advanced' button and
specify the User ID and password.
====================
NOTE:
You cannot set a user level password when using
a native connection with Crystal Reports 9.2 and
Crystal Reports for Visual Studio .NET 2002 or 2003.
This KB is valid for:
CRYS REPORTS VS .NET.9.1
CR FOR VS .NET 2005
CR FOR VS .NET 2008

Model Number you have entered is not listed in our database. windows 7 upgrade

i have purchased a Compaq Presario cq61 on the 24/07/09 (uk date) it came with vista home premium and it is in the eligible list on the hp support site for the windows 7 upgrade, but when i enter my serial number and product number into the arvato site, it says "We are sorry, but the Model Number you have entered is not listed in our database. " i cannot see how this is possible as i meet the specifications to be able to upgrade to windows 7, what do i do?

Please see: http://www.hp.com/country/us/en/mda/windows7/upgrade/index_ww.html to select your correct country or region.
Carey Frisch
Microsoft MVP
Windows Expert - Consumer

How to download the database form the call manager 7 to excel?

how to download the database from the call manager 7 to excel document?

No, it never did - the "ask" for the DRS folks to provide unencryption capabilities for their TARs is still out there (several other BUs want this) but so far as I know there's been zero movement on it. I've about given up hope on the DRS folks at this point - pretty clear this isn't a priority for them and I don't see much in the way of any kind of improvements on the product schedule for them at all, this included.
As a side note I've been pushing the Connection product managers to give us off box file system access to limited directories via a proxy service and roles (i.e. similiar to the ODBC proxy but for SFTP access) - armed with this we can provide our own (far superior) disaster recovery tools that work on a pull model instead of the full push DRS is built on - this would get partial backups, individual restores, about 6x increase in performance (more actually - I have a prototype that is hovering right around 10x the speed of DRS end to end), smaller backups, requires less space and resources on the server etc... etc... Fun stuff like doing a full backup on Sunday mornings and deltas every day of the week after that and another full backup Sunday etc... would be possible. Imagine.
I'll probably get more traction with that but it's a long road I'm afraid - as ever, asking your account team to enter a PERs helps - makes it more difficult for the product folks to delay on assigning engineering resources to such efforts.

How to increase the database size

Hi All ,
Our Client is going to increase their customers from 3.5 million to 5 millions
(12 millions in future ) and there is no increase in the existing licenses..
At present we have very less space in Data base server. We are Going Live at the End of the Month.
How to increase the database size to meet the Client requirements.
we have to increase the No of Processerors etc...
Below are the details of Servers:
System Model: IBM,7040-681
Machine Serial Number: 830D5BF
Processor Type: PowerPC_POWER4
Number Of Processors: 2
Processor Clock Speed: 1904 MHz
CPU Type: 64-bit
Kernel Type: 64-bit
LPAR Info: 4 bgl-svr-biap
Memory Size: 4096 MB
Good Memory Size: 4096 MB
Note : Server is IBM P690.
1) System Lansdcape --> Two System Landsacpe ( Dev to Prod )
2) BW Version --> 3.5
3) SAP Basis --- > 6.4
4) No of Application servers currently having --> Only One Server
Can any body suggest me how to solve this.....
Thanks in Advance..
Kasi Chukka

Hi Kasi,
Your question is not very clear, from the looks of it, the load on your client's system will be doubling soon.
You need to look at the system stats on how the system is handling the current load, use transactions ST06, ST04 and ST02 to check if the DB hit ratios are as expected, the cpu idle time, the busy periods. Identify if there is large amounts of paging on the server(candidate for increase in real memory).
On AIX level, you will need to look at CPU / Memory usage.
On SAP Application server, you need to look at SAP Buffers.
On Oracle end, look at SGA stats, if it need to increase, the data growth that is current and estimated growth (DB02).
You will not get an exact answer to it, you will need to analyze the existing load and then estimate (guess). The hardware upgrade will also depend on what the client is willing to spend, its always a good practise to add 20% to what you have estimated as these figures are never accurate.
All the best.
Cheers,
Nisch

How to modify a database?

Hi forum members, I recently installed oracle10g on solaris 10 , and I could create a test database called solaris, but I could'nt create a new table for that database, Indeed I don't know how to open the database, thanks for your help I'm new in oracle and solaris as well.
I tried this but I couldn't modify the database
$ ./sqlplus /nolog
SQL*Plus: Release 10.1.0.3.0 - Production on Tue Nov 29 16:07:22 2005
Copyright (c) 1982, 2004, Oracle. All rights reserved.
SQL> CONNECT / AS SYSDBA
Connected.
SQL> STARTUP MOUNT
ORA-01081: cannot start already-running ORACLE - shut it down first
SQL> SHUTDOWN IMMEDIATE
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> STARTUP MOUNT
ORACLE instance started.
Total System Global Area 167772160 bytes
Fixed Size 778212 bytes
Variable Size 61874204 bytes
Database Buffers 104857600 bytes
Redo Buffers 262144 bytes
Database mounted.
SQL> CREATE TABLE "usuario" ("id" NUMERIC,"nombre" VARCHAR(30));
CREATE TABLE "usuario" ("id" NUMERIC,"nombre" VARCHAR(30))
ERROR at line 1:
ORA-01109: database not open
thanks in advance

You really need to get caught up on some basics. I encourage you to pick up the O'Reilly book titled 'Oracle Essentials' (see http://oracle.oreilly.com) to get up to speed. And then plan on spending some time either in the 2-day DBA or Oracle Concepts documentation.
To give you a bit of a start -
An Oracle database is a bunch of files. The database is controlled by an Oracle Instance. The instance is started (attached to the database) and stopped. In Windows the instance is a [Control Panel] service.
A listener can be started [and stopped] to monitor the network for requests. It is also a service. If it is not started, the instance will not respond to any network requests but WILL respond to SQLPlus requests by the same userid that installed the database and software.
You use the internal userid called SYS to do basic things like start and stop the instance. The SYS userid should never be used for anything else (there are exceptions to every rule, but...). Most newbies ignore this advice until they blow up their first database.
You can use DBA userid such as SYSTEM to manage the database to do things like add/manage users, add/manage schemas and add/manage tablespaces. A DBA userid should only be used for managing the database, not for owning tables and not for application work. Most newbies ignore this advice until they cripple up their first database.
User:
A userid should be created for each user - and each schema (see next section). You create it using sqlplus commands, usually run by the SYSTEM user
CREATE USER username IDENTIFIED BY password ACCOUNT UNLOCK
DEFAULT TABLESPACE USERS TEMPORARY TABLESPACE TEMP;
and give it privileges such as accessing the database and storing data by
ALTER USER username QUOTA UNLIMITED ON USERS;
GRANT CONNECT TO username;
Schema:
A schema is a special user that also has resource capability and ability to create and manage objects such as tables. There are many kinds of objects and ideally you should give permission to create/manage only those objects that are needed, such as
GRANT CREATE TABLE TO username; -- this makes is a schema.
Cheating - you can grant the resource role to the user which provides all the GRANTS for most objects.
GRANT RESOURCE TO username;
I call it cheating, because few actually look at the role and fewer realize how much capability is given by the resource role. It's pretty darned close to opening up security holes. Oh well ...
People who have had time with other RDBMSs such as SQL Server may view an Oracle Schema as roughly the same as a SQL Server (or other) Database.
Tablespace:
A tablespace is like a disk to Oracle - you can store things such as [many] tables and indexes in a tablespace. A tablespace is made of [one or more] operating system files. A number of files can be used in a tablespace to get around things like the 2GB limit that many operating systems have for typical files.
There are a bunch of tablespaces:
SYSTEM is for keeping the internal data dictionary and you should avoid using it for anything as filling it up will cause the database to stop.
SYSAUX is for Oracle's options and features and you should avoid using it as filling it up causes major pain. SYSAUX was introduced in 10g.
TEMP is used for sorting and other internal stuff. Do not let it autoextend otherwise it will grow forever. If you limit the size the area will be reused even though it appears to be busy.
UNDO/ROLLBACK is used for internal stuff such as recovering the original data if you cancel a transaction. Keep away from it other than to make it bigger. It's you friend - feed it properly and you can recover from data mistakes you made a few days ago.
Regular tablespaces are what's left - that's where your tables and indexes go (remember the DEFAULT TABLESPACE clause in create user???)
CREATING TABLES ...
Simplest form: as a new userid,
CREATE TABLE name_of_table (
column_name datatype_and_size,
another_column datatype_and_size ...
example:
CREATE TABLE test ( test1 date, test2 number, test3 varchar2(25));
then use it
INSERT INTO test VALUES (
to_date('Feb 13, 1987 09:14:56', 'Mon DD, YYYY HH:MI:SS'),
42,
'A test string');
SELECT test3 from test;
Oracle provides a few demo userids such as OE, HR, SH, IX & PM. Go to the documentation for your version of the database at http://docs.oracle.com and pull up the document titled 'Sample Schemas'. They are to help you learn about Oracle complete with data, and are usually loaded by default into new databases. A number of the examples and tutorials at Oracle By Exmaple (from http://otn.oracle.com >> Training menu >> Oracle By Example) use these schemas.

How to setup oracle database to archivelog mode and auto delete ?

Oracle 11g R2
- How to setup database to archive log mode and have oracle only save 24 hours of archive logs
and delete the rest. So at any given time I will have only 24 hours of archive log and not more.
So only 1 day of archive logs.
- Let me know the database parameters I need to setup to accomplish this.
- I don't want to use the RMAN
- I am not setting up the database to archive log mode for recovery purpose. I am setting up archive log mode
so we can use the log miner tool to dig up achives to see log activity for any performance & tuning.
Edited by: johnpau2013 on May 9, 2012 6:09 PM

johnpau2013 wrote:
Thanks everyone for there responses.
I need to rephrase and explain everyone as what I wanted to do exactly. This might help everyone understand and suggest me.
We have oracle database 11g r2. Its a test database. Nothing is critical. We use EXPDP utility to backup the entire database every night. Which is enough for us to recover incase something happens. Even if we loose some data. That's fine.
We are testing our web application on this oracle test database for performance & tuning.
One thing we have noticed is that the redo logs are switching very frequently. 50MB each log file and there are 5 logs. each log switches every 40 seconds. So we wanted to see what is getting written in this redo logs. We wanted to use the LOG MINER tool in OEM to read the logs. It needed our database to be setup in archive log mode. So the log miner can read the archive logs and show us the sql's within the archive logs.
Now when we setup the archive log mode on our database. By default the archive logs destination was set to flash recovery area ( may be oracle default archive log location is flash recovery area folder).
We have setup the db_recovery_file_dest_size to 100GB. Now within 2 days we have filled up the flash recovery area folder. Database was frozen. Then we realized that its because oracle couldn't write archive logs. Because it reached the 100GB. Then we physically deleted files in the flash recovery area folder. Thinking it would help us start the frozen oracle database. But it didn't . The we realized that we are doing something wrong. As Oracle does not know that at OS level we deleted the files. Then temporarily we changed the db_recovery_file_dest_size to 130GB and were able to start the oracle database. Later we turned OFF the archive log mode.
Being a rookie DBA we would have not read something properly.
Finally:
We wanted to know how to always keep only 1 day of archive logs (only for our performance tuning ) and not more than that. All we need this 1 day of archive logs is to use the log miner to read them. Backup is NOT our priority here. Only be able to read the archive logs from LOG MINER is PRIORITY.
Correct me if I am wrong.Okay, so its making much more sense now, thanks for explaining your requirement.
Database won't honor anything that you would do over the o/s without telling it. Your deletion of the archive log from the o/s location is NOT updated in the control file of the database and that's why, even when you had deleted the entire 100GB , from the db perspective, the space was still marked as used. This is the same which would happen even if you would increase the space from 100gb to whatever size as well. To delete the space, you would need to update the database's control file and that you can do from RMAN using its two commands , crosscheck backup following with deleted expired backup . The first command would find that which database backup files are NOT on the o/s which are shown in the control file and would mark all of them as expired. The second command would simply delete those expired files. This would update the control file and you would have your 100gb or whatever space, given back to you.
To keep the archive logs of just one day, set up that Retention Policy for RMAN to either number of copies using the Redundancy option(default and set to 1) or Recovery Window. I believe for you Redundancy would be a suitable choice but you can have a read and play around with it. Setting it up would mark the files as Obsoleted and finally, you can write a small RMAN script to delete those obsoleted files.
Now, what I don't understand is that why you want to keep on generating the archive logs just for the log miner? If you would have generated them once and figure out the reason for extensive redo generation(did you try increasing the redo log file size, 50mb seems to be smallish) , I don't think that there is any reason to keep on generating the archive logs still .
And last part, for your question asked about that whether we can use RMAN to put the db in the archive log and is it a backup tool, yes and yes.
HTH
Aman....

How to duplicate the database/catalog ?

Hi,
How can we quickly duplicate our database/catalog to create a test environment ?
Thanks,
Paul

Do you mean to copy the existing Database ( Schema) into your test environment?
You can Export and Import your schema like this:
File --> Import --> SAP HANA --> Catalog Objects
Regards,
Krishna Tangudu

How to secure our database

Similar Messages

Maybe you are looking for