Friday, August 31, 2018

Audit Vault Agent Deployment on Target Host

Audit Vault Agent Deployment on Target Host


Summary;
  1. Install java 1.6 or above and Set path in user profile
  2. Download Agent from Audit Vault console
  3. Target host must be register in Audit Vault
  4. Install and Start Audit Vault Agent on Target
  5.  Start or activate Audit Vault Agent on Target
  6.  Agent Start, Stop and Status on target
     ------------------------------------------------------------

1.     Install java 1.6 or above

 Set JAVA_HOME and Path in user profile
 $ Vi .bash_profile
 export Java_HOME=/home/oracle/jrockit-jdk1.6.0_45-R28.2.7-4.1.0      
 export PATH=$JAVA_HOME/bin:$PATH
 save .bash_profile


2.     Download Agent from Audit Vault console

  Ø   Login as AVADMIN
  Ø  Host  => Agent
  Ø  Click Agent Release and Download


3.     Target host must be register in Audit Vault


  Ø Login audit vault as AVADMIN
  ØClick on register
  
  ØEnter required information of target host
    => Hostname:
    => IP address:

Ø  Click save

4.     Install Audit Vault Agent on Target

  Ø  Agent installation on Target Host:

 [oracle@dbvault ~]$ java -jar /u01/agent.jar -d /u02/avagent

 Checking for updates...
 Agent is updating. This operation may take a few minutes. Please wait...
 Agent updated successfully.
 Agent installed successfully.
 If deploying host monitor please refer to product documentation for additional installation steps.

 [oracle@dbvault ~]$

Note:

/u01/agent.jar                  => downloaded agent file location
/u02/avagent                    => Audit vault desire installation location 

5.     Start or Activate Audit Vault Agent on Target

To activate please note agent key from Audit Vault server;

  Ø  Login Audit vault as AVADMIN
  Ø  Note agent key from Audit Vault console
         Agent key:
         N#E9-WWEW-XGDL-STSU-MBFA                    (kay may change as per AVDF)

  Ø  Start Agent on target with activate key

 $ cd /u02/avagent/bin
 [oracle@dbvault bin]$ ./agentctl start -k
 Enter Activation Key:                                      => Enter / past above noted agent key
 Agent started successfully.

 [oracle@dbvault bin]$

6.     Agent Start, Stop and Status on target

 $ cd AGENT_HOME/bin 
 $ ./agentctl status
 $ ./agentctl status
 $ ./agentctl status

 

INSTALLING AND ENABLING HOST MONITORING ON TARGET HOST

Prerequesites;

Install following rpms
•  libpcap
•  libpcap-devel
•  openssl
•  openssl-devel

Download the above rpms from http://www.tcpdump.org/

On an Oracle Linux system execute following command from root user

•  Yum –y install libpcap libpcap-devel


Installing a Host Monitor in oracle AVDF 12.1.2 on Linux Hosts

•  If you have not already done so, deploy the Audit Vault Agent
•  Log in as root and identify a root-owned directory on the local hard disk, such as 
   /usr/local.
•  Log in to Audit Vault Server console as an administrator, click on HOSTS tab, and 
   click on Agents
  Click the download button next to Host Monitor (Linux x86-64) 
•  Then save the .zip file to root owned directory, for example /usr/local 


•  Place the .zip file in directory /usr/local and unzip it


•  This creates a directory named hm.
 
•  Ensure that the hostmonsetup file (in the hm directory) has execute permission.
•  Run the following command
    [root@12cdb hm]# ./hostmonsetup install





Monday, August 20, 2018

Register Database Firewall with Audit Vault Server 12.2.0.8


Register Database Firewall with Audit Vault Server  12.2.0.8




Summary:
1.    Specify Audit Vault Server certificate and IP address in Database Firewall
2.    Register Database Firewall in the Audit Vault Server
3.    Database Firewall Status and Diagnostics
Note:
You must associate each Database Firewall with an Audit Vault Server by specifying the server’s certificate and IP address, so that the Audit Vault Server can manage the firewall. If you are using a resilient pair of Audit Vault Servers for high availability, you must associate the firewall to both servers.

1.    Specify Audit Vault Server certificate and IP address in Database Firewall

Ø  Log in to the Audit Vault Server as AVADMIN


Image:01
Click Login


Ø  Copy Audit Vault Server certificate


ð  Click on Settings tab
ð  In Security menu, Click Certificate. The server’s certificate is displayed
ð  Copy server certificate into a text file, Make sure you also copy the header and footer “----BEGIN CERTIFICATE---- and ---- END CERTIFICATE ----” Note: if you use a text file it must be securely deleted afterwards.

Image:02


Ø  Log in to the Database Firewall administration console

Image:03
Click Login


Ø  In System menu, click Audit Vault Server

ð  Enter IP Address of the Audit Vault Server
ð  Paste the Audit Vault Server Certificate in the next field
ð  Click on Apply button

Image:04

NOTE:
If you are using a resilient pair of Audit Vault Servers. select Add Second Audit Vault
Server check box, and enter the IP address and certificate of the secondary Audit Vault
  Server 


Image:05

Setting Saved.

1.    Register Database Firewall in the Audit Vault Server

You must register the Database Firewall in the Audit Vault Server to enable communication between Audit Vault and Database Firewall. To register a Database Firewall in the Audit Vault Server

ð  Log in to the Audit Vault Server as an administrator “AVADMIN”

Image:06

Click Login

2.    Register Database Firewall in Audit Vault Server


ð  Click on "Firewall" tab
ð  Click on "Register" button.

Image:07

 Ø  Save Registration

ð  Enter name of the Database Firewall in the "Name" field.
ð  Enter IP Address of the Database Firewall in the "Address" field. It is preferred to use the actual hostname for the firewall that you had set earlier. It makes it easier to keep track of servers in production environment.
Click on "Save" button


Image:08

Ø  Registered Firewalls
 You will see screen like in below screenshot if you have successfully completed above steps.

Image:09

3.    Database Firewall Status and Diagnostics

Ø  Click on System Status under System
Click on Show Reports

Image:10
Click on Show Report

Ø  To ensure that everything is running correctly
ð  Everything should have a green "OKnext to it like in the next screenshot

Image:11

Note:
If there is an error message that indicates that there is a problem with the certificate, Check that the date and time are the same on the Audit Vault server and database firewall appliance.



References:
Oracle® Audit Vault and Database Firewall Installation Guide
Release 12.2









Wednesday, August 15, 2018

Database Firewall Installation on VMware


Database Firewall Installation on VMware

Summery:

1.    Media Download
2.    Prerequisites
3.    Installation Database Firewall 12.2.0.8
4.    Post Installation

We are Going to install Oracle Audit Vault Database Firewall 12.2.0.8
1.    Media Download
Ø  open a web browser.
Ø  Type https://edelivery.oracle.com/ in the address bar.
Ø   Click on "Sign In
Ø  Type Audit Vault and Database firewall


Image: 01
Click Download

2.   Prerequisites:


Ø  Windows 64 bit
Ø  VMware installed
Ø  At least 8GB memory
Ø  Hard Disk Drive 450 GB HDD
Ø  Host machine should be access guest machine


1.   Installation Database Firewall 12.2.0.8


Ø  Open VMware workstation
Ø  Select File > New Virtual Machine

Image: 02
Click Next



Image: 03

Chose I will install the operating system later

Image: 04      
Specify Disk Size:                              450
Store virtual disk as a single file:        will be easy to move



Image: 05
Specify the Virtual Machine Name and Location

Image: 06
Select Operating system type
Click Next

Ø  Brows to insert media.ISO file:

Image: 07
Click Close


Ø  Select First option as below using Arrow keys:

Image: 08
Press Enter


Image: 9

Wait until Packages installed it will take time



Image: 10

Image: 11
Please Enter Installation Password what you want 

Ø  Select Interface 

Image: 12
Select > Press Enter

Image: 13
Select > Press Enter 

Ø  Enter IP Address which you have decided 

Image: 14
Reboot to complete installation

4.     Post Installation
Login to Database Firewall Web Console

Ø  Open a web browser and enter following url
Ø  Press "<Enter>" key to go to the specified url.
Ø  Click on "Proceed Anyway" button.

Ø  Enter Installation Passphrase


ð  Enter Installation Passphrase
ð  Click on "Login" button. 

Image: 15
Click LOGIN

Ø  User Configuration

ð  Enter username and password for the users to be configured.

Image: 16
Click SAVE

Ø  Login to Database Firewall console

ð  Enter User Name
ð  Enter Password 
ð  Click on LOGIN

Image: 17


Ø  Datbase Firewall Home Console 
Ø  To Check Database Firewall Status 
ð  Click on "Login" button and see all will be green and OK

Image: 18




References: 
Oracle® Audit Vault and Database Firewall Installation Guide
Release 12.2.0.8


Oracle Audit Vault Installation on VMware


Keep Smile 😊


Oracle Golden Gate 21c Microservices Installation

Oracle Golden Gate Microservices Architecture Oracle Golden Gate Microservices Architecture has been introduced in Oracle Golden Gate versio...