SoftTree Technologies SoftTree Technologies
Technical Support Forums
RegisterSearchFAQMemberlistUsergroupsLog in
Loading Audit Files into Database

 
Reply to topic    SoftTree Technologies Forum Index » DB Audit, DB Mail, DB Tools View previous topic
View next topic
Loading Audit Files into Database
Author Message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Loading Audit Files into Database Reply with quote

I've downloaded DB Audit Enterprise tool and am
testing it to decide upon purchasing.

The documentation explains how to audit privileged users
and I've configured everything according to the doc. However,
the reference states that DB Audit provides
a way to load the oracle audit files (9ir2) into the database
and I can't figure out where/how to do this.

I see a stored procedure in the DB_AUDIT schema
sp_aud_file_loader but not sure how it gets called
and running it manually don't know what parameter
to pass for 'symbol'.

Can somebody point me to instructions for this?
Thanks

Tue Nov 08, 2005 6:30 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7838

Post Re: Loading Audit Files into Database Reply with quote

In the Management Console, click "System Audit" menu then "Advanced" menu. On the Options dialog activate "Audit SYS Operations" tab, click the "Install" button. In case if you are running Oracle on Windows, also click "Install Service" button. In your Oracle parameters file add the following line and bounce the database.
AUDIT_SYS_OPERATIONS = TRUE

PS. The mentioned stored procedure will be automatically scheduled to run every 15 minutes and load trace files into the corresponding audit trail table.

For more details please see
"Auditing Privileged Users connected as SYSDBA or SYSOPER" subtopic in "Configuring Advanced Options for Oracle" topic of "CHAPTER 3, System Auditing" in the DB Audit's User's Guide

: I've downloaded DB Audit Enterprise tool and am
: testing it to decide upon purchasing.

: The documentation explains how to audit privileged users
: and I've configured everything according to the doc. However,
: the reference states that DB Audit provides
: a way to load the oracle audit files (9ir2) into the database
: and I can't figure out where/how to do this.

: I see a stored procedure in the DB_AUDIT schema
: sp_aud_file_loader but not sure how it gets called
: and running it manually don't know what parameter
: to pass for 'symbol'.

: Can somebody point me to instructions for this?
: Thanks

Tue Nov 08, 2005 6:43 pm View user's profile Send private message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Re: Loading Audit Files into Database Reply with quote

Thanks - I've done these steps & I now see that this
procedure is set up to run in dba_jobs and has failed on
every attempt & is broken.

This is what is scheduled
db_audit.sp_aud_file_loader('/app1/oracle/admin/pwrdev/audit', '/');

This is the correct location where I have pointed audit files to
it is running under user SYS - is that correct?

I have granted execute prvs on both the procedure
and the package under db_audit but
When I try to run it manually - this is the error i get

Error: ORA-29540: class AuditFileHandler does not exist ORA-06512: at line 1, Batch 1 Line 1 Col 1

I receive the same error when running it as DB_AUDIT user.
I have installed jvm in the database - looks like the java classes
that your package uses are not loaded.

I have also attempted to uninstall & reinstall. This is a unix system.

Thanks for you help

: In the Management Console, click "System Audit" menu then
: "Advanced" menu. On the Options dialog activate "Audit SYS
: Operations" tab, click the "Install" button. In case if you
: are running Oracle on Windows, also click "Install Service"
: button. In your Oracle parameters file add the following line and bounce
: the database.
: AUDIT_SYS_OPERATIONS = TRUE

: PS. The mentioned stored procedure will be automatically scheduled to run
: every 15 minutes and load trace files into the corresponding audit trail
: table.

: For more details please see
: "Auditing Privileged Users connected as SYSDBA or SYSOPER" subtopic
: in "Configuring Advanced Options for Oracle" topic of
: "CHAPTER 3, System Auditing" in the DB Audit's User's Guide

Tue Nov 08, 2005 8:19 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7838

Post Re: Loading Audit Files into Database Reply with quote

Please verify things got installed correctly.

1. /app1/oracle/admin/pwrdev/audit must be listed in UTL_FILE_DIR parameter
To check run SELECT * FROM v$parameter WHERE name = 'UTL_FILE_DIR'

2. P_AUDIT_FILE_HANDLER packege is installed and valid
SELECT OWNER, OBJECT_TYPE, OBJECT_NAME, STATUS FROM DBA_OBJECTS WHERE OBJECT_NAME='P_AUDIT_FILE_HANDLER'

3. Associated Java stored procedures are installed and valid
SELECT OWNER, OBJECT_TYPE, OBJECT_NAME, STATUS FROM DBA_OBJECTS WHERE OBJECT_NAME='AUDITFILEHANDLER'

4. DB_AUDIT user got permissions to run Java files and access files outside of db

CALL DBMS_JAVA.GRANT_PERMISSION('DB_AUDIT', 'java.io.FilePermission', ' >', 'read, delete');
CALL DBMS_JAVA.GRANT_PERMISSION('DB_AUDIT', 'SYS:java.lang.RuntimePermission', 'readFileDescriptor', '');
GRANT JAVAUSERPRIV TO DB_AUDIT;
GRANT EXECUTE ON UTL_FILE TO DB_AUDIT;
GRANT SELECT ON sys.v_$instance TO db_audit;
GRANT SELECT ON sys.v_$process TO db_audit;

: Thanks - I've done these steps & I now see that this
: procedure is set up to run in dba_jobs and has failed on
: every attempt & is broken.

: This is what is scheduled
: db_audit.sp_aud_file_loader('/app1/oracle/admin/pwrdev/audit', '/');

: This is the correct location where I have pointed audit files to
: it is running under user SYS - is that correct?

: I have granted execute prvs on both the procedure
: and the package under db_audit but
: When I try to run it manually - this is the error i get

: Error: ORA-29540: class AuditFileHandler does not exist ORA-06512: at line 1,
: Batch 1 Line 1 Col 1

: I receive the same error when running it as DB_AUDIT user.
: I have installed jvm in the database - looks like the java classes
: that your package uses are not loaded.

: I have also attempted to uninstall & reinstall. This is a unix system.

: Thanks for you help

Tue Nov 08, 2005 10:55 pm View user's profile Send private message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Re: Loading Audit Files into Database Reply with quote

Thanks again - I have verified all of this. I even completely removed
everything and started over. DB_AUDIT has privs to all files in /app1/oracle/admin/pwrdev/audit
via java io.

All of these objects exist.
I am still getting the same error.

Going to do some more research on ORA_29540 error
on Metalink. Do you have any other ideas?

: Please verify things got installed correctly.

: 1. /app1/oracle/admin/pwrdev/audit must be listed in UTL_FILE_DIR parameter
: To check run SELECT * FROM v$parameter WHERE name = 'UTL_FILE_DIR'

: 2. P_AUDIT_FILE_HANDLER packege is installed and valid
: SELECT OWNER, OBJECT_TYPE, OBJECT_NAME, STATUS FROM DBA_OBJECTS WHERE
: OBJECT_NAME='P_AUDIT_FILE_HANDLER'

: 3. Associated Java stored procedures are installed and valid
: SELECT OWNER, OBJECT_TYPE, OBJECT_NAME, STATUS FROM DBA_OBJECTS WHERE
: OBJECT_NAME='AUDITFILEHANDLER'

: 4. DB_AUDIT user got permissions to run Java files and access files outside
: of db

: CALL DBMS_JAVA.GRANT_PERMISSION('DB_AUDIT', 'java.io.FilePermission', '
: >', 'read, delete');
: CALL DBMS_JAVA.GRANT_PERMISSION('DB_AUDIT',
: 'SYS:java.lang.RuntimePermission', 'readFileDescriptor', '');
: GRANT JAVAUSERPRIV TO DB_AUDIT;
: GRANT EXECUTE ON UTL_FILE TO DB_AUDIT;
: GRANT SELECT ON sys.v_$instance TO db_audit;
: GRANT SELECT ON sys.v_$process TO db_audit;

Wed Nov 09, 2005 3:46 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7838

Post Re: Loading Audit Files into Database Reply with quote

Is Java actually enabled in the database?

PS. The fact is it installed doesn't mean it is enabled. What do you have in v$parameters view for %JAVA% parameters?

: Thanks again - I have verified all of this. I even completely removed
: everything and started over. DB_AUDIT has privs to all files in
: /app1/oracle/admin/pwrdev/audit
: via java io.

: All of these objects exist.
: I am still getting the same error.

: Going to do some more research on ORA_29540 error
: on Metalink. Do you have any other ideas?

Wed Nov 09, 2005 5:17 pm View user's profile Send private message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Re: Loading Audit Files into Database Reply with quote

I doublechecked everything yesterday, java was
enabled - everything appeared to be configured
correctly according to Metalink.

Information on metalink for this error indicated
that something was loaded wrong - either pieces of
of the jvm or the actual class/java source itself,
multiple problems with using the LOADJAVA package
were indicated also.

I have removed everything from my database and
will start over using the database configuration
assistant to configure java instead of manual
process. Oracle does not have formal jvm
instructions for 9ir2 yet...I'll post again if
I still have any problems.

Thanks for all your help

: Is Java actually enabled in the database?

: PS. The fact is it installed doesn't mean it is enabled. What do you have in
: v$parameters view for %JAVA% parameters?

Thu Nov 10, 2005 1:01 pm View user's profile Send private message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Re: Loading Audit Files into Database Reply with quote

still having same problem after completely starting
over - I noticed the java source had been loaded with
the name in all caps AUDITFILEHANDLER and all other
references were mixed case AuditFileHandler
so I dropped & reloaded it with mixed case name
but still received same error.

from DBA_java_classes
OWNER NAME ACCESSIBILITY SOURCE SUPER
SYS AuditFileHandler PUBLIC AuditFileHandler.java java/lang/Object

Does this look correct?

Fri Nov 11, 2005 2:12 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7838

Post Re: Loading Audit Files into Database Reply with quote

I am checking this. I will get back to as soon as a I know what is missing or what else to check.

: still having same problem after completely starting
: over - I noticed the java source had been loaded with
: the name in all caps AUDITFILEHANDLER and all other
: references were mixed case AuditFileHandler
: so I dropped & reloaded it with mixed case name
: but still received same error.

: from DBA_java_classes
: OWNER NAME ACCESSIBILITY SOURCE SUPER
: SYS AuditFileHandler PUBLIC AuditFileHandler.java java/lang/Object

: Does this look correct?

Fri Nov 11, 2005 2:50 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7838

Post Re: Loading Audit Files into Database Reply with quote

Ok, I figured out what is happing there. You are not installing this as DB_AUDIT user, as a result the AuditFileHandler class gets created in your schema rather then in DB_AUDIT schema leading to "class AuditFileHandler does not exist" error when db_audit.sp_aud_file_loader stored procedure is executed.

: still having same problem after completely starting
: over - I noticed the java source had been loaded with
: the name in all caps AUDITFILEHANDLER and all other
: references were mixed case AuditFileHandler
: so I dropped & reloaded it with mixed case name
: but still received same error.

: from DBA_java_classes
: OWNER NAME ACCESSIBILITY SOURCE SUPER
: SYS AuditFileHandler PUBLIC AuditFileHandler.java java/lang/Object

: Does this look correct?

Fri Nov 11, 2005 5:51 pm View user's profile Send private message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Re: Loading Audit Files into Database Reply with quote

Thank you - I had wondering about it being installed in SYS schema
sorry for making this so difficult but I was
just following the documentation that
says to connect as sys or another sysdba user

and there isn't anything that tells you to connect as
DB_AUDIT user after creating it - the documentation even
states that you don't tell us what the password is because
it shouldn't be used for anything other than storing tool
information

so...should I go through the steps to create alternate audit objects & db_audit
schema, change the password and THEN login to db audit expert as DB_AUDIT
to load/create the resource/class through audit sys operations tab?

thank you for staying with me on this...i really like this
tool and it's going to make it a lot simpler for us
to implement for SOX requirements

: Ok, I figured out what is happing there. You are not installing this as
: DB_AUDIT user, as a result the AuditFileHandler class gets created in your
: schema rather then in DB_AUDIT schema leading to "class
: AuditFileHandler does not exist" error when
: db_audit.sp_aud_file_loader stored procedure is executed.

Fri Nov 11, 2005 6:01 pm View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 7838

Post Re: Loading Audit Files into Database Reply with quote

This is not your fault. The documentation must clearly describe every step including which user to use for the setup, and I agree it doesn't do that. I hope it can be fixed in the next build. Should be ready next week.
I am sorry it took a while to figure out the root cause. I had to uninstall my stuff and try several setups before I was able to reproduce that issue.

: Thank you - I had wondering about it being installed in SYS schema
: sorry for making this so difficult but I was
: just following the documentation that
: says to connect as sys or another sysdba user

: and there isn't anything that tells you to connect as
: DB_AUDIT user after creating it - the documentation even
: states that you don't tell us what the password is because
: it shouldn't be used for anything other than storing tool
: information

: so...should I go through the steps to create alternate audit objects &
: db_audit
: schema, change the password and THEN login to db audit expert as DB_AUDIT
: to load/create the resource/class through audit sys operations tab?

: thank you for staying with me on this...i really like this
: tool and it's going to make it a lot simpler for us
: to implement for SOX requirements

Fri Nov 11, 2005 6:14 pm View user's profile Send private message
Cheri G



Joined: 08 Nov 2005
Posts: 10

Post Re: Loading Audit Files into Database Reply with quote

Great, thanks for the validation, I'm usually pretty
sharp at figuring this stuff out and it was
frustrating me as well.

glad you were able to reproduce
and i'll look for the new build

I will try re-installing on monday this
way and do some testing - but it looks like
we'll be purchasing this! Thanks again

: This is not your fault. The documentation must clearly describe every step
: including which user to use for the setup, and I agree it doesn't do that.
: I hope it can be fixed in the next build. Should be ready next week.
: I am sorry it took a while to figure out the root cause. I had to uninstall
: my stuff and try several setups before I was able to reproduce that issue.

Fri Nov 11, 2005 7:22 pm View user's profile Send private message
Display posts from previous:    
Reply to topic    SoftTree Technologies Forum Index » DB Audit, DB Mail, DB Tools All times are GMT - 4 Hours
Page 1 of 1

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


 

 

Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.