Implement Database Audit on Oracle applications DataBase
Hi ,
I have faced an issue .
there are someone log in to the database and with sql statement through sqlplus he delete a record
I need a plan to implement an audit for this issue and a security method to apply to prevent this issues
and if it applicable how to create a database user like apps for the developer to recognize who is connecting the database
my environment :
DataBase : 11g R1(11.0.1.7)
applications : R 12.1.2
I will be so appreciated for helping me
Thanks
Osama Mohamed ahmed
Hi,
You can do it by Auditing the Database useing FGA(Fine Grained Auditing) and DBV(database vault) and for using those you need the licence for that.
however you can use some basic auditing
check the blow link for more deatail about the configuration.
http://www.oracle-base.com/articles/10g/auditing-10gr2.php
HTH
Similar Messages
-
Unable to connect Oracle Application Database using Discoverer Admin 10g
Hi,
I have installed oracle Admin 10g on my machine and trying to connect oracle application database but every time i am getting error like "Unable to connect to: user@hostname Failed to connect to database Unable to connect to Oracle Application Database. Invalid username/password".
Installed BI Discoverer Admin 10.1.2.1
Discoverer Admin Client 10.1.2.48.18
Database 9i
I have done following steps:
1. Selected radio button for Connect to Application EUL's.
2.Gateway User ID (GWYUID)/Password :APPLSYSPUB/PUB
3.FNDNAME:APPS
I able to connect discoverer plus.
Thanks
RaviHi Ravi
Glad to hear you solved this. It is very gratifying when one solves it alone, don't you think?
Best wishes
Michael -
Export - Import in Oracle Application Database
The export in Oracle Applications Database works fine.
But the import always show some issue and sometimes never completes.
Even if it completes it complete with error , how to ensure an error free export/import ?
How to handle a table movement if the table consists of a LONG column ?The errors are cannot import this tables..
Also mostly are of Long tables..Any IMP-XXXXX or ORA-XXXXX messages?
Can you explain how long objects are exported and imported ?What type of objects?
What is the database version?
Are you doing a full database import?
Also sometimes import hangs for 2/3 days?Does it hang when importing a specific object?
Did you follow the steps outlined in the following notes when you did the Export/Import?
Note: 362205.1 - 10g Release 2 Export/Import Process for Oracle Applications Release 11i
https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=362205.1
Note: 230627.1 - 9i Export/Import Process for Oracle Applications Release 11i
https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=230627.1 -
Database Sizing for Oracle Applications 11i
Hi,
I was wondering if someone could guide me on how to size an oracle applications database, we'll be using the following modules: GL,AP,CE,FA.
The operating system, might be windows 2000.
What I have in my mind right now regarding the information i need to collect is as follows:
1. No. of users
2. Estimated transaction activity for the above modules, and whether month
end's are particularly transaction intensive.
And yeah thats how far ive gotten , hence the help needed.
About the transaction activity, how do i really quantify it and then translate it into something meaningful that will help me in sizing the database. Could I perhaps get information regarding how many transactions an average user enters in a day ????
Well basically any sort of input would be really helpful, thanks in advance.
NMNeed to know the number of users as we can guess at the transactions level.
Some base line assumptions.
1. You need 1 Gybte of memory before you add any users.
2. You need 10 Gbytes of disc, to hold the SGA, UNIX, Swap Space, Application etc. -
Unable to connect to Oracle Applications database (afscpgcs) after clone
Hi,
I have just moved (clone using rapidclone) two of our 11.5.10.2 install from a solaris SPARC 8 to 10 . After the clone, while discoverer 10g works perfectly well in one environment, it is giving the error below in the another environment.
- Failed to connect to database - Unable to connect to Oracle Applications database (afscpgcs)
Notes:
1. For the 2 environments, nothing as changed apart from the hostnames.
2. The password has not changed on both - from source to targets.
3. This happens when launching discoverer 10g from Apps.... discoverer works well on it own if not launched from apps.
I raised a SR with oracle and the 2 things they said have not worked. they said
1. change signon password case parameter - but I cannot find that in the list of system parameters on our system.
2. The other note says apply patch 6430269 and I can confirm this patch has been on the system for sometime.
Please advise on this if you have come accross this before and you can help here.
ThanksThanks for your concern. I have used the notes you listed but no luck. One thing I have to point out here is that I have always cloned from solaris 8 to 8 for years without this problem. Now I am cloning from solaris 8 to 10 and the problems is on just one environment. The other is working well. The problem seems to be related to the apps password but the password has not changed at all. Also, I have tried to change the password to something else and ran autoconfig but no luck. Please help
-
Unable to connect to Oracle Applications database invalid username/password
Hi,
Ou Requirement is we want to connect to Oracle Applications using discoverer plus and discoverer viewer.
Application Server used : 10.1.2.0.2
Oracle Applications : R12 RUP4
We have installed application server 10g with OID and when we try to connect to oracle applications we are getting
A connection error has occurred.
- Failed to connect to database - Unable to connect to Oracle Applications database: invalid username/password.
Regards
KetanHi,
I think better to check with your sysadmin or DBA on this, I had the same isuse before but Apps 11i with Discoverer, I talked to ERP sysadmin and worked fine.
Since applications userid cannot talk with Discoverer schema (eul10_us) and it should directly talk with APPS user and then APPS user can talk with Discoverer user.
To the best of my knowledge I provided.
--skat -
How we build Java Database Connectivity for Oracle 8i Database
Can any one send me a sample code for Java Database Connectivity for Oracle 8i Database
it will be a grat help
Thanks & Regards
RasikaYou don't need a DSN if you use Oracle's JDBC driver.
You didn't read ANY of the previous replies. What makes you think this one willk help? Or any instruction, for that matter?
Sounds like you just want someone to give it to you. OK, I'll bite, but you have to figure out the rest:
import java.sql.*;
import java.util.*;
* Command line app that allows a user to connect with a database and
* execute any valid SQL against it
public class DataConnection
public static final String DEFAULT_DRIVER = "sun.jdbc.odbc.JdbcOdbcDriver";
public static final String DEFAULT_URL = "jdbc:odbc:DRIVER={Microsoft Access Driver (*.mdb)};DBQ=c:\\Edu\\Java\\Forum\\DataConnection.mdb";
public static final String DEFAULT_USERNAME = "admin";
public static final String DEFAULT_PASSWORD = "";
public static final String DEFAULT_DRIVER = "com.mysql.jdbc.Driver";
public static final String DEFAULT_URL = "jdbc:mysql://localhost:3306/hibernate";
public static final String DEFAULT_USERNAME = "admin";
public static final String DEFAULT_PASSWORD = "";
/** Database connection */
private Connection connection;
* Driver for the DataConnection
* @param command line arguments
* <ol start='0'>
* <li>SQL query string</li>
* <li>JDBC driver class</li>
* <li>database URL</li>
* <li>username</li>
* <li>password</li>
* </ol>
public static void main(String [] args)
DataConnection db = null;
try
if (args.length > 0)
String sql = args[0];
String driver = ((args.length > 1) ? args[1] : DEFAULT_DRIVER);
String url = ((args.length > 2) ? args[2] : DEFAULT_URL);
String username = ((args.length > 3) ? args[3] : DEFAULT_USERNAME);
String password = ((args.length > 4) ? args[4] : DEFAULT_PASSWORD);
System.out.println("sql : " + sql);
System.out.println("driver : " + driver);
System.out.println("url : " + url);
System.out.println("username: " + username);
System.out.println("password: " + password);
db = new DataConnection(driver, url, username, password);
System.out.println("Connection established");
Object result = db.executeSQL(sql);
System.out.println(result);
else
System.out.println("Usage: db.DataConnection <sql> <driver> <url> <username> <password>");
catch (SQLException e)
System.err.println("SQL error: " + e.getErrorCode());
System.err.println("SQL state: " + e.getSQLState());
e.printStackTrace(System.err);
catch (Exception e)
e.printStackTrace(System.err);
finally
if (db != null)
db.close();
db = null;
* Create a DataConnection
* @throws SQLException if the database connection fails
* @throws ClassNotFoundException if the driver class can't be loaded
public DataConnection() throws SQLException,ClassNotFoundException
this(DEFAULT_DRIVER, DEFAULT_URL, DEFAULT_USERNAME, DEFAULT_PASSWORD);
* Create a DataConnection
* @throws SQLException if the database connection fails
* @throws ClassNotFoundException if the driver class can't be loaded
public DataConnection(final String driver,
final String url,
final String username,
final String password)
throws SQLException,ClassNotFoundException
Class.forName(driver);
this.connection = DriverManager.getConnection(url, username, password);
* Get Driver properties
* @param database URL
* @return list of driver properties
* @throws SQLException if the query fails
public List getDriverProperties(final String url)
throws SQLException
List driverProperties = new ArrayList();
Driver driver = DriverManager.getDriver(url);
if (driver != null)
DriverPropertyInfo[] info = driver.getPropertyInfo(url, null);
if (info != null)
driverProperties = Arrays.asList(info);
return driverProperties;
* Clean up the connection
public void close()
close(this.connection);
* Execute ANY SQL statement
* @param SQL statement to execute
* @returns list of row values if a ResultSet is returned,
* OR an altered row count object if not
* @throws SQLException if the query fails
public Object executeSQL(final String sql) throws SQLException
Object returnValue;
Statement statement = null;
ResultSet rs = null;
try
statement = this.connection.createStatement();
boolean hasResultSet = statement.execute(sql);
if (hasResultSet)
rs = statement.getResultSet();
ResultSetMetaData meta = rs.getMetaData();
int numColumns = meta.getColumnCount();
List rows = new ArrayList();
while (rs.next())
Map thisRow = new LinkedHashMap();
for (int i = 1; i <= numColumns; ++i)
String columnName = meta.getColumnName(i);
Object value = rs.getObject(columnName);
thisRow.put(columnName, value);
rows.add(thisRow);
returnValue = rows;
else
int updateCount = statement.getUpdateCount();
returnValue = new Integer(updateCount);
finally
close(rs);
close(statement);
return returnValue;
* Close a database connection
* @param connection to close
public static final void close(Connection connection)
try
if (connection != null)
connection.close();
connection = null;
catch (SQLException e)
e.printStackTrace();
* Close a statement
* @param statement to close
public static final void close(Statement statement)
try
if (statement != null)
statement.close();
statement = null;
catch (SQLException e)
e.printStackTrace();
* Close a result set
* @param rs to close
public static final void close(ResultSet rs)
try
if (rs != null)
rs.close();
rs = null;
catch (SQLException e)
e.printStackTrace();
* Close a database connection and statement
* @param connection to close
* @param statement to close
public static final void close(Connection connection, Statement statement)
close(statement);
close(connection);
* Close a database connection, statement, and result set
* @param connection to close
* @param statement to close
* @param rs to close
public static final void close(Connection connection,
Statement statement,
ResultSet rs)
close(rs);
close(statement);
close(connection);
}% -
Auditing in oracle 10g database and oracle 10g application server
Dear friends,
We have oracle 10g application server and oracle 10g database server in place.My criteria is to audit users connected using oracle application user credentials to the database.
Can you please tell me how can i do it.
Thanks & regards,Its the database connection you want to track. The session audit will show where it came from.
Auditing is turned using this command:
alter system set audit_trail = DB scope=spfile;
Note: The use of spfile will require a DB bounce before audit starts
To audit Sessions:
audit create session;
Query by Audit Type:
SELECT A.USERNAME,
OS_USERNAME,
A.TIMESTAMP,
A.RETURNCODE,
TERMINAL,
USERHOST
FROM DBA_AUDIT_SESSION A
WHERE USERHOST = <replace with iAS servername> ;
By User
SELECT USERNAME,OBJ_NAME,ACTION_NAME , TIMESTAMP
FROM DBA_AUDIT_TRAIL WHERE USERNAME = 'SCOTT';
Check for users sharing database accounts
select count(distinct(terminal)),username
from dba_audit_session
having count(distinct(terminal))>1
group by username;
Attempts to access the database at unusual hours
SELECT username, terminal, action_name, returncode,
TO_CHAR (TIMESTAMP, 'DD-MON-YYYY HH24:MI:SS'),
TO_CHAR (logoff_time, 'DD-MON-YYYY HH24:MI:SS')
FROM dba_audit_session
WHERE TO_DATE (TO_CHAR (TIMESTAMP, 'HH24:MI:SS'), 'HH24:MI:SS') <
TO_DATE ('08:00:00', 'HH24:MI:SS')
OR TO_DATE (TO_CHAR (TIMESTAMP, 'HH24:MI:SS'), 'HH24:MI:SS') >
TO_DATE ('19:30:00', 'HH24:MI:SS');
Attempts to access the database with non-existent users
SELECT username, terminal, TO_CHAR (TIMESTAMP, 'DD-MON-YYYY HH24:MI:SS')
FROM dba_audit_session
WHERE returncode <> 0
AND NOT EXISTS (SELECT 'x'
FROM dba_users
WHERE dba_users.username = dba_audit_session.username);
Other audits you might consider:
audit grant any object privilege;
audit alter user;
audit create user;
audit drop user;
audit drop tablespace;
audit grant any role;
audit grant any privilege;
audit alter system;
audit alter session;
audit delete on AUD$ by access;
audit insert on AUD$ by access;
audit update on AUD$ by access;
audit delete table;
audit create tablespace;
audit alter database;
audit create role;
audit create table;
audit alter any procedure;
audit create view;
audit drop any procedure;
audit drop profile;
audit alter profile;
audit alter any table;
audit create public database link;
Best Regards
mseberg -
Re: JDeveloper not showing database objects in"Oracle Applications"Adapter?
Hi
I am trying to create a BPEL process through JDeveloper10.1.3.4 and using a Oracle Application Service. When using the Adapter Configuration wizard, i am successfully able to connect to the database but when there is an option to select the inteface to the Oracle Application Data for table/views/APIs/Concurrent Programs after clicking Next
I am getting an alert that says you are connected to 11.5.10 instance, Add the database objects.
After clicking in Add - Oracle Aplications Module Browser comes up with Blank values and nothing works here, neither Search nor Browse and just has a cancel button.
Please if some body has faced similar issue or has understanding on it, help me on this.
ThanksYou'll have better luck posting in the right forum. This one is for issues relating to Oracle's ODBC driver.
I'm not familiar enough with JDEV to know which forum that is top of my head though.
Greg -
Reg: oracle application database 11i
Database Version:9.2.0.6.0
Application version:11.5.10.2
OS version: Redhat linux 4Es
I want to upgrade the database 9.2.0.6.0 to 10.xxxx , please give me the solution.
Regards
DHi,
Please refer to (Note: 362203.1 - Oracle Applications Release 11i with Oracle 10g Release 2 (10.2.0)).
If you want to upgrade to 11g (which is also certified with Oracle Apps 11i), please refer to (Note: 452783.1 - Oracle Applications Release 11i with Oracle 11g Release 1 (11.1.0)).
Regards,
Hussein -
Upgrade Oracle Applications database 10.2.0.4 running on 32bit RHEL3u9 to
Hi we are currently planning to upgrade Oracle Applications RAC 2-node database 10.2.0.4 running on 32bit RHEL3u9 to 11.2.0.2 64bit on RHEL5u6 on a new hardware. Can I have some feedback if this is possible or do we migrate the 10.2.0.4 32bit RAC database to RHEL5u6 64bit using RMAN and then upgrade to 11gR2?
Current
Database 10.2.0.4 2-node RAC 32bit on RHEL3u9
Oracle E-business Suite 12.1.3 on RHEL5u6
Target
Database 11.2.0.2 2-node RAC 64bit on RHEL5u6
Oracle E-business Suite 12.1.3 on RHEL5u6
Thanks in advance
RafCan I have some feedback if this is possible or do we migrate the 10.2.0.4 32bit RAC database to RHEL5u6 64bit using RMAN and then upgrade to 11gR2?
Current
Database 10.2.0.4 2-node RAC 32bit on RHEL3u9
Oracle E-business Suite 12.1.3 on RHEL5u6
Target
Database 11.2.0.2 2-node RAC 64bit on RHEL5u6
Oracle E-business Suite 12.1.3 on RHEL5u6Please refer to (Using Oracle E-Business Suite Release 12 with a Database Tier Only Platform on Oracle 10g Release 2 [ID 456197.1]) for the supported way to migrate the 10gR2 database.
To upgrade the database to 11gR2, please refer to:
11gR2 11.2.0.2 Database Certified with E-Business Suite
http://blogs.oracle.com/stevenChan/entry/db_11gr2_11202_ebs
Thanks,
Hussein -
hi everyone,is there any view or query to count the total no of rows thats exists in entire single database tables.
"entire single database tables"
Do you mean one's db schema...????
If so,
SQL> declare
2 tab_x number(10);
3
4 begin
5 for x in (select table_name from user_tables)
6 loop
7 select num_rows cnt into tab_x from user_tables
8 where table_name=x.table_name;
9 dbms_output.put_line('table_name: '||x.table_name||' rows: '||tab_x);
10 end loop;
11 end;
12 /
table_name: DEPT rows: 5
table_name: EMP rows: 20
table_name: BONUS rows: 0
table_name: SALGRADE rows: 5
table_name: GEOGRAFIKO_DIAMERISMA rows: 13
table_name: NOMOS rows: 51
table_name: NOMARXIA rows: 54
table_name: POLEIS rows: 1033
table_name: POLEIS_DIAM rows: 6158
table_name: TEST_ rows: 0
table_name: TEST_DATES rows: 0
table_name: CHAINED_ROWS rows: 0
table_name: T rows: 3
table_name: NOMARXIA_NUM_POLEON rows: 2
table_name: DIMOS_EMP rows: 6
table_name: DIMOS_NUM_EMPS rows: 1
table_name: ALL_OBJ1 rows: 47200
table_name: ERROR_LOG rows: 2
table_name: ERRLOG_TAB rows: 0
table_name: PLSQL_PROFILER_RUNS rows: 8
table_name: PLSQL_PROFILER_UNITS rows: 40
table_name: EMPLOYEES_TEMP rows: 17
table_name: TEMP_TABLE rows: 24
table_name: EMP_TEMP1 rows: 12
table_name: TAB rows: 9
table_name: B rows: 0
table_name: A rows: 1
table_name: TEST rows:
table_name: GEO_DIAM_COUNT_NOMOI rows: 13
table_name: ALL_OBJ rows: 26226
table_name: PLSQL_PROFILER_DATA rows: 81
table_name: EMP_TEMP rows: 6
table_name: EMP_ rows: 12
PL/SQL procedure successfully completed
Greetings,
Sim -
How to implement C2 Audit in Oracle 10g Express Edition?
Hi,
I am developing a database using 10g Express Edition in which I need to implement c2 audit. I am planning to use triggers for this. Does anyone have a better method to implement audit in Express Edition?
Thanks.I don't know what C2 audit exactly is, but before programming anything read this Security Guide chapters on Database Auditing http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/auditing.htm#i1011984 and http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/cfgaudit.htm#i1014788.
All this should be available in XE also, except for Fine Grained Auditing, which is in Enterprise Edition only.
If you are only interested in knowing when, who, did what command, including failed attempts than you don't have to program anything - you just define what activities you want to audit and set AUDIT_TRAIL initialization parameter to start auditing.
You only need to write triggers if you need to catch column values before/after the change. -
Queries related to Oracle applications database .
Our ciurrent environment is 3 DB RAC node on 10.2.0.4
Apps ver is R12 with Linux x86-64
CRS on 11g R1
ASM on 11gR1
now to upgrade to 11gR2 should we go for DB upgrade from 10.2.0.4 to 11gR1 first and then upgrade CRS,ASM andthen upgrade DB to 11gR2.
Please guide me on this .
Regards .Hi;
Apps ver is R12 with Linux x86-64
CRS on 11g R1
ASM on 11gR1
now to upgrade to 11gR2 should we go for DB upgrade from 10.2.0.4 to 11gR1 first and then upgrade CRS,ASM andthen upgrade DB to 11gR2.Please see below notes which is mention by Steven Chan's blog
http://blogs.oracle.com/stevenChan/2009/12/11gr2_database_ebs_12.html
You can also see below master note:
Database Documentation Resources for EBS Release 11i and R12 [ID 1072409.1]
Regard
Helios -
Using Auditing with Oracle Applications
Hi all,
I need some help here!
I want to audit " create user" and create responsibilities and responsibilities association on my Oracle APPS enviroment.
I think that the "create user" is just put the AUDIT_TRAIL='DB' and then execute the command "audit create user by access" is just that??? Then i will query the table SYS.AUDIT$ and audit_action to see the results using the number 51 that is the action of 'create user'.
Hos to audit create responsibilities and responsibility associations??? I just know that we can activate some auditing using the system profile but don't help with these auditing that i need. I know that we have view like FND_LOGIN_RESPONSIBILITIES that show me some information about changed responsibilities.
Tks a lot,
Paulo PortugalWhy don't you consider AuditTrail? AuditTrail maintains a full history of changes made at the table/column level.
For more details, check the following thread:
Where to see result after auditing table columns in System Administrat
Re: Where to see result after auditing table columns in System Administrat
Maybe you are looking for
-
HT4910 My Contacts are no longer available in Outlook 2007 after an iCloud sync.
My contacts have been syncing between Outlook 2007 and iCloud just fine for over a month. Today the contacts are gone from Outlook, but I still see them on my iPhone 5s and on iCloud.com. What happened, how do I prevent it from happening again, and h
-
Help please with Palm Address and Memo Files
Hello.. I am new to this board, but perhaps someone can help me. I have a PalmOne Zire 31 and have used it for years. Primarily I used the Desktop verision on my laptop. Well, my laptop died and was recently replaced. Fortunately, as it was on it
-
Call screen in Function Module
Hi all, I want to call a Screen in function module.Is it possible? If possible.How can I do that? I tried calling a screen from a function module but the PAI module is not getting accessed. I am able to see the screen but when I click on the push but
-
when opening a window i keep getting C:\program files\mozilla firefox\eula exe; cant find file
-
Third Party PR account determination
Hello, We have configured the Third party sales scenario. When Sales order is created a PR is generated with account assignment cat "X" and item category "S". For acct assignment cat "X" the account modifier is VAX for which COGS G/L 50003001 is main