The Rule engine is one of the critical pieces in an auditing solution. It sits between the data collection and the reporting output. It is the heart of the functionality that will take the job of reviewing the reports from impossible to manageable to easy. The reason it is so important is the vast amount of SQLs that go through a database engine. A good rule engine will reduce the amount of SQLs in the report and increase their relevance.
Change control is an important part of being compliant. You will not pass an audit without having a change control process in place. One of the requirements you might face is to monitor all changes in the database and make sure they all came from the change control process.
Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 13: Application user IdentificationSubmitted by tduong on Mon, 2010-11-08 22:23
There is a common misconception about the value of application user identification. The reason for the misconception is the marketing of this feature by some companies, but we'll get into all that later. First lets examine the idea.
Most applications have a single database user that they use to access the data. To enforce security, these applications maintain an internal list of users and roles that they enforce. In other words – instead of using the database security features, that functionality is performed by the application. The result is that when you look at the database activity you see everything coming from a single user. An obvious requirement is to map the database activity to the application user as it is seen by the application.
Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 14: Oracle and MS SQL ServerSubmitted by tduong on Fri, 2010-10-29 00:59
Most companies have more than one database vendor. Oracle, SQL Server, DB2, MySQL and Sybase are all common depending on the company, and some use less common databases such as TeraData. There are, however, some important questions to ask before you dive into your cross platform heterogeneous requirements:
* Which databases do you actually need to audit? Is all your SOX, PCI, HIPAA or other sensitive data scattered across all these databases, or is your SQL Server just used for small home-grown apps that do not have any auditing requirements?
* Do you have the same DBA or team managing all these databases, or are they different teams that will end up managing auditing solutions independently? In the later case you are better off choosing the best solution for each database rather than mandating a single solution no one is too happy with.
Part of my job is teaching for Oracle University, and I'm often asked about OCP exam technique. Here are a few hints. The OCM exam is very different, and the confidentiality rules forbid me from discussing it, so please don't ask.
Why indexes are going to unusable status?
When will the indexes goes for unusable state?
1.Any maintenance activity in partition table – Alter command
1.Truncate the table partition
2.Drop the table partition
3.Split Part/Sub Partition
2.Any maintenance activity in table – Table Reorganization.
1.Move the table.
More details about online redefinition -
3.Oracle Import – While import the data with skip_unusable_indexes=y.
To improve the perfo
RMAN Cloning using active database feature - Oracle 11g feature
Normally we well knew about RMAN cloning.
Oracle9i/10g using duplicate cloning command, we do the RMAN cloning.
We need a RMAN full backup for cloning the database in oracle9i/10g.
In oracle 11g provides a new feature, without RMAN database backup we can clone the database.
I have tested the active database RMAN cloning in my test server.
Operating system: Windows XP service pack 2
Database Version: 18.104.22.168 (32 bit)
Source database name: troy
Clone database name: clonedb
How its work?
READ ONLY tables in oracle 11g
A restore point can be used to flash back a table or the database to the time specified by the restore point without the need to determine the SCN or timestamp. Restore points are also useful in various RMAN operations, including backups and database duplication. You can use RMAN to create restore points in the process of implementing an archival backup.
1. Normal restore point
This note is an attempt to summarize some of the 11gR2 facilities that allow for greater virtualization of resources, reducing reliance on networking facilities supplied by the operating system. All corrections welcome.