Oracle Data
The Cyences app supports following data collection mechanisms:
1. Unified auditing using Splunk DB Connect app (Recommended)
App Installation
| App | Search Head | Indexer | Heavy Forwarder | UF / Deployment Server | Additional Details |
|---|---|---|---|---|---|
| Splunk DB Connect | - | - | Required | - | Installation and Configuration Guide & Make sure to use oracle:audit:unified sourcetype when configuring the data input. |
| Splunk DBX Add-on for Oracle JDBC | - | - | Required | - | This addon is DB Connect App’s requirement for database driver availability of Oracle. |
| Splunk Add-on for Oracle Database | Required | - | Required | - | Installation and Configuration Guide |
- Visit the official oracle documentation for more information:
- Details needed from DBA Team:
- IP Address or FQDN of DB server
- Port number for DB server
- Unified Audit Trail DB table name
- Username & Password - Should have Readonly access to the Audit Trail Table
- Default database name and Database name
- Timezone on the database server
2. XML logs using File monitoring
App Installation
| App | Search Head | Indexer | Heavy Forwarder | UF / Deployment Server | Additional Details |
|---|---|---|---|---|---|
| Splunk Add-on for Oracle Database | Required | - | Required | Required (On DB server) | Installation and Configuration Guide & Make sure to use oracle:audit:xml sourcetype when configuring the data input. |
- Details needed from DBA Team:
- XML Log files path on the DB server.
Note : Create an index named oracle or update the cs_oracle macro definition from Cyences app configuration page (Cyences Settings > Cyences App Configuration > Products Setup).
Estimated Data Size
The license usage consumed by the Splunk Add-on for Oracle Database is based on the audit policy and database usage of your environment