Skip navigation.

Blue Core Research - DBA Guide to database Auditing

The Problem
===========
The longer you've been working as a DBA, the more you've encountered things like these:

The time on a table changed and you don't remember doing it. You poke around but can't figure out who changed it.

There's someone you don't trust that you have to give access to. They are the kind of person that will look at things they are not supposed to, but you have to give them access.

There's someone who always messes things up when they get access. You know they'll do it again and you'll have to undo the damage. Would be nice to know what they are doing.

There's a contractor or a new employee that need access. You don't know them yet and not sure how reliable they are. It would be nice to be able to keep an eye on them.

Too many people have too much access and you're losing control. You try to figure out how to reduce the access they have or revoke some privileges, but this is pretty much what everyone claims they need to do their jobs.

You've been through an audit and the auditor wanted to know all sorts of things about the activity. Questions you just don't have the information needed to answer.

You probably spent many days chasing down the answers to these questions or try to find ways to collect it. The security in the database is set properly. The problem is that you need to know what people are doing with the access they have. This knowledge will give you more control.

ProC Code Performance Improvement (GCC - RHL)

Performance Improvement in Pro*C

Pro*C code compilation builds executable depends on the parameters passed while compiling a code on Linux OS. GCC compiler is widely used for compilation.

Parameters that it provides enables memory management and linking etc...
This means : Without changing Code GCC compilation parameter change can give significant improvement in performance without impacting functionality. Attached document contents details study of the same.

This document gives details about environment,deployment and pre-post change analysis.

Brgds,

Sanjay J. Sontakke

Pro*C Code Performance Improvement (GCC - RHL)

Performance Improvement in Pro*C

Pro*C code compilation builds executable depends on the parameters passed while compiling a code on Linux OS. GCC compiler is widely used for compilation.

Parameters that it provides enables memory management and linking etc...
This means : Without changing Code GCC compilation parameter change can give significant improvement in performance without impacting functionality. Attached document contents details study of the same.

This document gives details about environment,deployment and pre-post change analysis.

Brgds,

Sanjay J. Sontakke

Enable debugging for OBIEE 11g / BI Publisher 11g

If you moved to BI Publisher 11g or OBIEE 11g from BI Publisher 10g, you would have realized that debug option is no longer part of BI Publisher Administration UI. In 10g we can set the debug log level from Administration UI under Server configuration section but in 11g no more.In OBIEE 11g, it is central logging process which is part of Fusion Middleware.

Oracle 11g CONVERTING PHYSICAL STANDBY DATABASE TO SNAPSHOT STANDBY DATABASE

CONVERTING PHYSICAL STANDBY DATABASE TO SNAPSHOT STANDBY DATABASE

Step 1: Check if Flashback is enabled.

Oracle Grid Infrastructure - Reboot less Node Fencing

mikerajendran's picture

Introduction

Oracle Grid Infrastructure 11.2.0.2 has many features including Cluster Node Membership, Cluster Resource Management and Cluster Resources monitoring. One of the key area where DBA need to have expert knowledge on how the cluster node membership works and how the cluster decides to take out node should there be a heart beat network, voting disk or node specific issues. I have written about this before and this article specifically focuses on the 11g R2 features and I will also try to explain the reboot less node fencing.

Standby database using RMAN duplicate

Steps to create standby database using RMAN:

primary database name:taurus
host name:sony
db_unique_name=production

standby database name:taurus
hostname:sonydr
db_unique_name=standby

Oracle 10.2.0.1.0
RHEL 4
-force logging is enabled on the primary database.
-password file is created for primary database
-primary database is in archivelog mode

[code]
SQL> select name,open_mode,log_mode
2 from v$database;

NAME OPEN_MODE LOG_MODE
--------- ---------- ------------
TAURUS READ WRITE ARCHIVELOG

SQL>

SQL> select instance_name,

Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 11: Rule Engine

The Rule engine is one of the critical pieces in an auditing solution. It sits between the data collection and the reporting output. It is the heart of the functionality that will take the job of reviewing the reports from impossible to manageable to easy. The reason it is so important is the vast amount of SQLs that go through a database engine. A good rule engine will reduce the amount of SQLs in the report and increase their relevance.

Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 12: Change Control

Change control is an important part of being compliant. You will not pass an audit without having a change control process in place. One of the requirements you might face is to monitor all changes in the database and make sure they all came from the change control process.

Blue Core Research's "NO BULL" buyers guide to Database Auditing products - Part 13: Application user Identification

There is a common misconception about the value of application user identification. The reason for the misconception is the marketing of this feature by some companies, but we'll get into all that later. First lets examine the idea.

Most applications have a single database user that they use to access the data. To enforce security, these applications maintain an internal list of users and roles that they enforce. In other words – instead of using the database security features, that functionality is performed by the application. The result is that when you look at the database activity you see everything coming from a single user. An obvious requirement is to map the database activity to the application user as it is seen by the application.