Skip to main content

Oracle AVDF Installation and Setup Document

This blogpost will provide you detailed information about Oracle Audit Vault and Database Firewall (Oracle AVDF) setup. Oracle AVDF is a comprehensive Database Activity Monitoring (DAM) solution that integrates with native audit data. Environment Setup: 
[oracrp@ebs-dev2-db01 ~]$ mkdir -pv /oradb/oracle/avcli
mkdir: created directory ‘/oradb/oracle/avcli’
[oracrp@ebs-dev2-db01 ~]$ mkdir -pv /oradb/oracle/avagent
mkdir: created directory ‘/oradb/oracle/avagent’
[oracrp@ebs-dev2-db01 ~]$
- Add these variables to the environment file 
vi DEV2CDB.env
# AVS
export AVCLI_HOME="/oradb/oracle/avcli"
export AV_HOME="/oradb/oracle/avagent"
export PATH="$PATH:$AV_HOME/bin"
Download the JAR files: 

 AVDF installation requires one network interface card on respective hosts. IP assigned to AV server NIC will communicate with target databases and IP assigned to DF server will connect to AV Download - Agent jar file: 
 Login to AV console as avadmin user 
 - Go to Agents tab 
- Click on download



- Upload the downloaded "Audit Vault Agent Jar" from your desktop to Database server at "/oradb/oracle/avagent". 

 - Login to DB host using WinScp and upload the JAR Download 
- AVCLI jar file :


Download - AVCLI jar file

Go to the Settings tab

Click on "Audit Vault CLI" 



Upload the downloaded " AVCLI Jar" from your desktop to Database server at "/oradb/oracle/ avcli ".

Login to DB host using WinScp and upload the JAR.


Install AVCLI on DB host :

Source AVDF environment variables and install AVCLI on db host.

[oracrp@ebs-dev2-db01 ~]$ . DEV2CDB.env
[oracrp@ebs-dev2-db01 ~]$ cd $AVCLI_HOME
[oracrp@ebs-dev2-db01 avcli]$ java -jar avcli.jar  -d /oradb/oracle/avcli
AVCLI installed successfully
[oracrp@ebs-dev2-db01 avcli]$ ls
av  avcli.jar  bin  jdbc  jlib  lib  META-INF  network  oc4j  rdbms  ucp
[oracrp@ebs-dev2-db01 avcli]$ cd /oradb/oracle/avcli/bin
[oracrp@ebs-dev2-db01 bin]$ ./avcli
AVCLI : Release 20.8.0.0.0 - Production on Mon Feb 6 13:42:12 AST 2023
Copyright (c) 1996, 2022 Oracle.  All Rights Reserved.
AVCLI> connect avadmin
Enter password:
Connected.
AVCLI> list host;
0 row(s) selected.
The command completed successfully.
AVCLI>
AVCLI> exit
Disconnected from Oracle Audit Vault Server - Version : 20.8.0.0.0
[oradev@ebs-dev2-db01 bin]$
Install AV Agent: Install AV Agent on db host:
[oradev@ebs-dev2-db01 ~]$ cd $AV_HOME
[oradev@ebs-dev2-db01 avagent]$ ls
agent.jar
[oradev@ebs-dev2-db01 avagent]$ java -jar agent.jar -d /oradb/oracle/avagent
Agent installed successfully.
If deploying hostmonitor please refer to product documentation for additional installation steps.
[oradev@ebs-dev2-db01 avagent]$
Register DB Host in AVDF: 
[oradev2@ebs-dev2-db01 bin]$ cd /oradb/oracle/avcli/bin
[oradev2@ebs-dev2-db01 bin]$ ./avcli
AVCLI : Release 20.8.0.0.0 - Production on Mon Feb 6 13:46:24 AST 2023
Copyright (c) 1996, 2022 Oracle.  All Rights Reserved.
AVCLI> connect AVADMIN
Enter password:
Connected.
AVCLI> list host;
0 row(s) selected.
The command completed successfully.
AVCLI> REGISTER HOST ebs-dev2-db01 WITH IP 10.10.2.51;
The command completed successfully.
AVCLI> list host ;
---------------------------------------------------------------------------------------------------------------
| HOST          | IP         | VERSION | ACTIVATION_KEY                          | STATUS    | AGENT_LOCATION |
===============================================================================================================
| ebs-dev2-db01 | 10.10.1.22 |         | EBS-DEV2-DB01::HAQS-FROV-KFX2-P#EH-K9BD | ACTIVATED |                |
---------------------------------------------------------------------------------------------------------------
1 row(s) selected.
The command completed successfully.
AVCLI> exit
Disconnected from Oracle Audit Vault Server - Version : 20.8.0.0.0
[oradev2@ebs-dev2-db01 bin]$
Start the Registered Agent: 
[oradev@ebs-dev2-db01 ~]$ ${AV_HOME}/bin/agentctl start -k
Enter Activation Key:    
Checking for updates...
Agent is updating. This operation may take a few minutes. Please wait...
Agent updated successfully.
Agent started successfully.
[oradev@ebs-dev2-db01 ~]$
Configure Agent auto restart: 
[oradev@ebs-dev2-db01 ~]$ ${AV_HOME}/bin/agentctl registersvc
Agent service registered successfully.
[oradev@ebs-dev2-db01 ~]$
Create AVDF DB user avdfdbuser and grant privileges to this user: 
[oradev2@ebs-dev2-db01 bin]$ cd /oradb/oracle/avagent/av/plugins/com.oracle.av.plugin.oracle/config
[oradev2@ebs-dev2-db01 config]$ sqlplus

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Feb 6 13:51:00 2023
Version 19.16.0.0.0

Copyright (c) 1982, 2022, Oracle.  All rights reserved.

Enter user-name: /as sysdba

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0

SQL> conn c##dvacctmgr@ebsdev2
Enter password:
Connected.
SQL> CREATE USER avdfdbuser IDENTIFIED BY Avdfdbusr321;

User created.

SQL> CONNECT SYS / AS SYSDBA
Enter password:

SQL> conn / as sysdba
Connected.
SQL> alter session set container = ebsdev2 ;

Session altered.

SQL> spool oracle_avdf_user_setup.log
SQL> @oracle_user_setup.sql avdfdbuser SETUP
SQL> Rem Copyright (c) 2016, 2022, Oracle and/or its affiliates.
SQL> Rem All rights reserved.
SQL> Rem  oracle__user_setup.sql - Grant privileges to user for
SQL> Rem  SETUP/SPA/ENTITLEMENT purpose
SQL>
SQL> WHENEVER SQLERROR EXIT;
SQL> -- set the nls_numeric_characters to '.,' as version checking fails when nls is set to germany
SQL> ALTER SESSION SET NLS_NUMERIC_CHARACTERS = '.,';

Session altered.

Enter username for granting privileges:
Setting username to 'avdfdbuser'

Enter mode (SETUP/SPA/ENTITLEMENT):
SETUP for granting Audit Collection and Audit Policy Management privileges
SPA for granting Stored Procedure Auditing privileges
ENTITLEMENT for granting Entitlement retrieval privileges
Setting mode to 'SETUP'

Granting privileges to "AVDFDBUSER" ... Done.
SQL> EXIT;
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0
[oradev2@ebs-dev2-db01 config]$  sqlplus

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Feb 6 13:53:39 2023
Version 19.16.0.0.0

Copyright (c) 1982, 2022, Oracle.  All rights reserved.

Enter user-name: /as sysdba

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0

SQL> conn c##dvowner@ebsdev2
Enter password:
Connected.
SQL> GRANT DV_MONITOR TO "AVDFDBUSER";

Grant succeeded.

SQL> exit
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0
[oradev2@ebs-dev2-db01 config]$ sqlplus

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Feb 6 13:56:27 2023
Version 19.16.0.0.0

Copyright (c) 1982, 2022, Oracle.  All rights reserved.

Enter user-name: /as sysdba

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0

SQL> alter session set container = ebsdev2 ;

Session altered.

SQL> GRANT DV_SECANALYST TO avdfdbuser;

Grant succeeded.

SQL>

[oradev2@ebs-dev2-db01 config]$ sqlplus

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Feb 6 14:02:31 2023
Version 19.16.0.0.0

Copyright (c) 1982, 2022, Oracle.  All rights reserved.

Enter user-name: /as sysdba

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0

SQL> alter session set container = ebsdev2 ;

Session altered.

SQL> spool oracle_user_ENTITLEMENT.log
SQL> @oracle_user_setup.sql avdfdbuser ENTITLEMENT

Session altered.

Enter username for granting privileges:
Setting username to 'avdfdbuser'

Enter mode (SETUP/SPA/ENTITLEMENT):
SETUP for granting Audit Collection and Audit Policy Management privileges
SPA for granting Stored Procedure Auditing privileges
ENTITLEMENT for granting Entitlement retrieval privileges
Setting mode to 'ENTITLEMENT'

Granting privileges to "AVDFDBUSER" ... Done.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0
[oradev2@ebs-dev2-db01 config]$ sqlplus

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Feb 6 14:03:21 2023
Version 19.16.0.0.0

Copyright (c) 1982, 2022, Oracle.  All rights reserved.

Enter user-name: /as sysdba

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0

SQL>
SQL> alter session set container = ebsdev2 ;

Session altered.

SQL> spool oracle_user_SPA.log
SQL> @oracle_user_setup.sql avdfdbuser SPA

Session altered.

Enter username for granting privileges:
Setting username to 'avdfdbuser'

Enter mode (SETUP/SPA/ENTITLEMENT):
SETUP for granting Audit Collection and Audit Policy Management privileges
SPA for granting Stored Procedure Auditing privileges
ENTITLEMENT for granting Entitlement retrieval privileges
Setting mode to 'SPA'

Granting privileges to "AVDFDBUSER" ... Done.
Disconnected from Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.16.0.0.0
[oradev2@ebs-dev2-db01 config]$
Register PDB in AVDF : 
[oradev2@ebs-dev2-db01 config]$ ${AVCLI_HOME}/bin/avcli -u avadmin
AVCLI : Release 20.8.0.0.0 - Production on Mon Feb 6 14:06:39 AST 2023

Copyright (c) 1996, 2022 Oracle.  All Rights Reserved.

Enter password for 'AVADMIN':

Connected to:
Oracle Audit Vault Server - Version : 20.8.0.0.0

AVCLI> LIST SECURED TARGET;

0 row(s) selected.

The command completed successfully.

AVCLI> REGISTER SECURED TARGET ebsdev2 OF SECURED TARGET TYPE "Oracle Database" AT jdbc:oracle:thin:@//10.10.1.22:1523/ebsdev2 AUTHENTICATED BY avdfdbuser;
Enter password:

The command completed successfully.

AVCLI> LIST SECURED TARGET;
-------------------------------------------------------------------------------------------
| NAME    | DESCRIPTION | LOCATION                                    | SECUREDTARGETTYPE |
===========================================================================================
| ebsdev2 |             | jdbc:oracle:thin:@//10.10.1.22:1523/ebsdev2 | Oracle Database   |
-------------------------------------------------------------------------------------------

1 row(s) selected.

The command completed successfully.

AVCLI> exit
Disconnected from Oracle Audit Vault Server - Version : 20.8.0.0.0
[oradev2@ebs-dev2-db01 config]$
The above blogposts provide detailed information about setting up of AVDF software. 
 Thanks for reading :)

 regards, 
ZAHEER
Labels:

Comments

Post a Comment

Popular posts from this blog

Disable Firewall on Oracle Linux 8

In this blogpost we will see how we can stop/disable the firewall on Oracle Linux 8, the firewall command is same in both linux 7 an linux 8. The below listed is the procedure for stopping and disabling the  firewall on Oracle Linux 8. - Here we can see the firewall deamon in active state - Here when we stop the firewall in previous command, now the firewall daemon is dead - For permanent disabling the firewall on server, we can use "disable" option The following commands will be helpful: #systemctl status firewalld #systemctl stop firewalld #systemctl disable firewalld #systemctl enable firewalld #systemctl start firewalld Hope it helps !! Thanks for reading :) regards, X A H E E R
2 comments
Read more

Enable Desktop on Oracle Solaris 11.4

Oracle Solaris 11 installation has multiple options to choose for installation of an Operating Environment, but mostly Oracle Solaris text install media is used and this installation media doesn't offer the GUI Desktop Environment by default after the installation. This blog post will explain how we can enable the desktop for Oracle Solaris 11.4 operating system, after the completion of installation. We have to install "solaris-desktop" package and reboot the machine and GUI desktop will be enabled for the Operating System. In this blog post my virtual machine is connected to the internet and hence I am able to use available pupblic repository for package installation, if in case internet is not available for the server/machine then we have configure the local/Server  repository for the installation. Follow the below steps for desktop package installation: After installation of dekstop package we are now able to login with GUI desktop environment
1 comment
Read more

Oracle Applications R12.2 Installation on Linux using virtual box

Oracle E-Business suite R12.2 is released a month ago. I received too many requests from my followers to demonstrate this Installation. This is a step by step detailed article for Installing Oracle E-business suite R12,2 on Oracle Enterprise Linux 5.7 (64-bit). I've used oracle virtual box for Installing Linux. Note:  This Installation is demonstrated on virtual machine with 8GB RAM and Installation completed in 7 hours. I am not sure whether this Installation will work with less than this .  My Virtual Machine configuration: CPU    = 1 core RAM   = 8 GB HDD   =  380 GB Software's Required: 1) Oracle Virtual Box 2) Oracle Enterprise Linux 5.7 (64-bit) 3) Oracle E-Business suite R12.2 for LinuxX86-64-bit Installation Steps: Hardware requirements Create virtual machine and Install operating system Operating System pre-requisites Prepare Stage Area Install Oracle EBS R12.2 software Verify Installation 1. Hardware Requirement
12 comments
Read more