Audit source framework
Job details
| Name: |
Audit source framework |
| Platform: |
Oracle |
| Category: |
Audit |
| Description: |
Task that installs and upgrades the procedure for retrieving audit data in a audit source. |
| Long description: |
|
| Version: |
5.8 |
| Default schedule: |
* * * * |
| Requires engine install: |
Yes |
| Compatibility tag: |
.[type=‘instance’ & databasetype=‘oracle’]/.[hasengine=‘YES’] |
Parameters
| Name |
Default value |
Description |
| Maximum number of rows to process |
1000000 |
Maximum number of rows to process per scheduled task run |
Job Summary
- Purpose: The purpose of this job is to implement and manage an auditing framework within an Oracle instance. It handles the installation, upgrade, and execution of procedures to track and consolidate audit data effectively.
- Why: This job is significant as it ensures the reliability and integrity of audit data collection in the Oracle environment. Consistent and accurate audit data are crucial for security, compliance, and forensic analysis. Given the automated management of audit logs, operational efficiency improves, reducing manual oversight and potential errors.
- Manual checking: To manually inspect aspects of this job, SQL commands can be issued to view specific audit-related data from various tables involved in the job:
SELECT * FROM dbw_aud;
SELECT * FROM dbw_aud_rec_histr WHERE event_time > sysdate - (3/24);
SELECT * FROM dbw_aud_src_stats;
Key Tasks and Dependencies
- Object installation tasks include setting up essential database objects such as sequences, tables, functions, and procedures necessary for collecting and managing audit data.
- Dependencies involve multiple database objects (procedures, functions, tables, and sequences) which work collectively to process, transfer, and record audit data.
- Cleanup mechanisms are in place to handle failures during the execution of dependent tasks, ensuring the system remains in a consistent state.
Core Components and Operations
| Component |
Description |
| dbw_get_audit_rowset |
Retrieves and processes audit data based on a specific rowset id. |
| dbw_collect_audit_data |
Gathers audit data from Oracle’s system audit table (sys.aud$) and transfers it to a custom table for better management. |
| dbw_make_rowset_cs |
Generates checksum for a rowset to ensure data integrity during transfer or storage. |
| dbw_audit_copy |
Main procedure to manage the audit data copying process, effectively moving data and ensuring the data integrity post-transfer. |
Reporting and Monitoring
- “Audit framework” and “Collect audit data (source)” reflect recent activities within the audit tables, providing insights into records being imported and overall table counts.
- Graphical presentations in reports allow visual tracking of audit data count and processing times, aiding in quick assessment and decision-making regarding the auditing process’s performance and efficiency.
Automation and Scheduling
- The default schedule set for the job is to execute every minute, indicating a high priority and frequency in maintaining up-to-date audit records.
- This aggressive scheduling ensures that the audit data is consistently collected and processed in near real-time, minimizing latency in data availability for audit analysis.
Enhancements and Maintenance
- Version control and update details are carefully managed, with clear logs on versioning to track changes and upgrades to the audit framework over time.
- The approach to managing and updating the database objects and procedures is structured to allow seamless upgrades and modifications without impacting the ongoing data collection processes.
This monitoring job, with its comprehensive setup and operations, plays a pivotal role in the auditing capabilities of an Oracle database environment, enhancing both security and compliance through meticulous data management and analysis.