Skip to main content

send oracle 11g audit log to syslog server ( on other PC)

--preparation-- 
well...... this time i will write about syslog, and for this experiment what we need is :
- kiwi syslog server get from here and install it on your PC( i use xp for this server syslog)
- oracle db
- and of course, a cup of coffee is a must and other thing that make you relax and comfortable ( :p )

--scema--
first thing to do is redirect oracle audit log to syslog, and than from syslog send to syslog server( kiwi syslog)

 --1--
 edit initSID.ora and add this folowing config :
create "/var/log/oracle/" firs
audit_file_dest='/var/log/oracle/'
audit_trail='OS'
AUDIT_SYSLOG_LEVEL=local1.warning
after that edit /etc/syslog.conf, and add this folowing config :
#Save oracle rdbms audit trail to oracle_audit.log
local1.warning          /var/log/oracle/oracle_audit.log
#Send oracle rdbms audit trail to remote syslog server
local1.warning       @1.1.1.1 #<= ip your syslog server
--2--
restart syslog service with command :
/sbin/service syslog restart     # or 
/etc/init.d/init.d/syslog restart 
oracle DB must be restart to
CONNECT SYS / AS SYSOPER
Enter password: password

SHUTDOWN IMMEDIATE
STARTUP
-----------------
SQL> shutdown IMMEDIATE
Database closed.
Database dismounted.
ORACLE instance shut down.

SQL> STARTUP
ORACLE instance started.

Total System Global Area 1075527680 bytes
Fixed Size                  1304704 bytes
Variable Size             264243072 bytes
Database Buffers          805306368 bytes
Redo Buffers                4673536 bytes
Database mounted.
Database opened.
--test and jajal--
try to login to your Oracle DB and log must be create on syslog and kiwi syslog ono other server like this folowing pict


-source -
oracle doc

Comments

  1. Hi Dude,

    A simple yet powerful Syslog protocol server and analyzer. It can be tuned to only log events under a threshold, or to directly mail and admin when another threshold value is reached. Thanks a lot.....

    Active Directory Compliance

    ReplyDelete

Post a Comment

comment please ...

Popular posts from this blog

Webalizer - Statistik trafik/kunjungan web (ubuntu)

--goal--
make subdomain trafik statistik

--install--
run this command :
sudo apt-get install webalizeredit "/etc/apache2/apache2.conf" , set
HostnameLookups Off into :
HostnameLookups On
--1--
All we need is already prepared, now set log of vhost in "/etc/apache2/sites-enabled" to spesifict folder.
exp. $sudo vi /etc/apache2/sites-enabled/monitor CustomLog ${APACHE_LOG_DIR}/access.log into: CustomLog ${APACHE_LOG_DIR}/vhost/monitor/access.logrestart service
$sudo /etc/init.d/apache2 restart
--2--
create another file config of webalizer in /etc/webalizer
exp. vi /etc/webalier/monitor.conf
set the LogFile to apache2 logfile:
LogFile /var/log/apache2/vhost/monitor/access.log # apache log OutputDir /var/webalizer/monitor/ #webalizer report Incremental yes ReportTitle Usage statistics for HostName monitor.brekele.co.cc
--3--
create script to run webalizer via crontab
exp. vi /etc/webalizer/cron_job
#!/bin/bash echo "di jalankan pada: `date +"%d-%B-%Y %r"…

pgpoolAdmin, web interface for pgpool

--preparation--
next capter of pgpool from my last post ( here), now i wanna post about a tool that can manage pgpool from web interface called pgpoolAdmin. next... enjoy the post... ^_^

--1--
first we need to download pgpooladmin from here, extrak and copy or move to http directory( for exp : /var/www) 
$wget http://pgfoundry.org/frs/download.php/2964/pgpoolAdmin-3.0.3.tar.gz $tar zxvf pgpoolAdmin-3.0.3.tar.gz $sudo cp -Rf pgpoolAdmin-3.0.3 /var/www/test
 --2--
install pgpooladmin via web on: http://localhost/test/install


make sure owner of that file is "www-data"(of course have write akses) and check again



login with user that you create on /etc/pcp.conf (for more detail see my last post



and done.ya.. tooo.......!!!
 ^_^