Re: Auditing Oracle Database

  • From: Stefan Knecht <knecht.stefan@xxxxxxxxx>
  • To: "fuzzy.graybeard" <fuzzy.graybeard@xxxxxxxxx>
  • Date: Wed, 16 Sep 2015 04:09:42 +0700

What Hans already suggested - and on top of that I'd ask myself who I'd
want to audit , and what am I going to do with the data?

Just turning on auditing is easy. Making sure your audit data is used
properly (anomalies are caught and acted upon) and your audit data is
protected from being tampered with ( if I'm SYS and I have access to the
"oracle" user, try to audit what I want to hide from you if I'm a malicious
DBA) is the hard part, and is where your auditing implementation can shine
or fall.

Stefan





On Wed, Sep 16, 2015 at 12:46 AM, Hans Forbrich <fuzzy.graybeard@xxxxxxxxx>
wrote:

The first question that comes to mind is: what is the purpose of the
audit? There are a large number of purposes, and the best approach to
auditing really depends on the scope and duration of the audit.

I encourage you to work through the Oracle provided docs, especially the
Oracle Security Guide. For 11gR2, use
http://docs.oracle.com/cd/E11882_01/network.112/e36292/auditing.htm#DBSEG006

I also encourage jumping on the Oracle Enterprise Manager Cloud Control
bandwagon and using the built-in Compliance tools, which are basically an
ongoing 'configuration and security' based on best practices. See the
'Compliance Standards' document hidden in the Reference section of the
Enterprise Manager Cloud Control docs at http://docs.oracle.com (Why
they make this so complicated to find, I'll never understand!)

If your concern is Security, then consider reviewing the white papers at
http://petefinningan.com or http://red-database-security.com

And I have been pleasantly surprised by the 'Best Practice' PDF
presentations by various consultancies as found by Googling "Best Practices
Audit Oracle Database"

HTH/
Hans
The opinions expressed are my own and do not necessarily reflect the
opinions of Oracle Corp.


On 15/09/2015 10:44 AM, carlos castro wrote:

Hello List,

Can anyone point me in the right direction on how should i audit an
Oracle Database.
I will audit all the tiers and being the database one of those tiers i
am here looking for some help on the Db side
.
Is there a list of things i need to check?

Or is a security and performance troubleshooting enough?

Regards,

Arestas
--
//www.freelists.org/webpage/oracle-l




--
//www.freelists.org/webpage/oracle-l



Other related posts: