Consider using Oracle's DBSAT - DB Security Assessment Tool. It is
updated quite regularly and likely could identify the issue found in OCC.
https://www.oracle.com/database/technologies/security/dbsat.html
That said, are you using Unified Auditing? If yes, is it linked properly?
/Hans
On 2019-02-28 8:33 AM, Scott Canaan wrote:
I am playing with security compliance evaluations in Cloud Control 13c (13.2.0.0.0) running on Red Hat 7 Linux. Using the Basic Security Configuration, everything passes (I get a score of 100%), but there is an error and I would like to figure out why.
The error is on the rule Enable Database Auditing. It is "Compliance Rule evaluation failed." I checked the rule in the sysman.mgmt$compliance_standard_rule and it says "Required auditing parameters for database auditing should be set." I believe this is referring to audit_trail, which is set to DB.
Is this telling me that audit_trail is not set properly or that it can't figure out what it is set at? How do I fix this?
Thank you,
*Scott Canaan ‘88**
*/Sr Database Administrator
/Information & Technology Services
Finance & Administration **
*Rochester Institute of Technology
*o: (585) 475-7886 | f: (585) 475-7520**
srcdco@xxxxxxx <mailto:srcdco@xxxxxxx> | c: (585) 339-8659
*CONFIDENTIALITY NOTE*: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.
