You are currently viewing How to Implement Oracle Audit Vault Database Firewall (AVDF) – Part 5

How to Implement Oracle Audit Vault Database Firewall (AVDF) – Part 5

Quick Recap

In the previous post on AVDF implementation, we were moving towards building to the next milestone. Target Database Parameter Changes, Deploying Audit Vault Agent, Deploying Host Monitor Agent in Target.

In this post, we’ll be going over the Audit Vault Target and Transaction Log Configuration and Verifications.

GoldenGate Implementation & Configuration

In AVDF implementation, Oracle GoldenGate plays a crucial role in getting the transactional data to capture and provide the Before and After values of a transaction/change.

I have created separate posts for Oracle GoldenGate Installation and Configuration. Check out the details below.

Identify the Tables and its Columns to be Audited

This step is important in the implementation of AVDF, as the Target systems specific tables and its columns details will be added to AVDF server for auditing.

Note: Adding/Removing tables from the extract can be done at any point based on the business or audit requirements.

Audit Vault Target Configuration

We are considering the target as the Oracle EBS DB for this scenario, we’ll be adding target step by step.

Prepare & Configure Targets

Login in as AVADMIN user 

Navigate to Targets -> Click on, Register

p11_avdf_target_register

Provide Relevant Details 

p11_avdf_target_register1
p11_avdf_target_register2
p11_avdf_target_register3

In Audit Collection Attributes, click on Add and enter the below details

Name: AV.COLLECTOR.TIMEZONEOFFSET

Value: +05:30 (Set as per your location) 

p11_avdf_target_register_audit_collection_attributesn
p11_avdf_target_register_audit_collection_attributes1

Once added, click Save and below message appears.

Click OK and proceed.

p11_avdf_target_register_final_steps
p11_avdf_target_register_final_steps1
p11_avdf_target_register_final_steps2

Configure Audit Trail Creation in Audit Vault Console

Now we’ll add the audit trail collection details as steps below.

Navigate to Targets -> Choose the newly created Target

Click on, Add in Audit Data Collection

p11_avdf_target_audit_trail_addition
p11_avdf_target_audit_trail_addition1
p11_avdf_target_audit_trail_addition2

Once the trail has been added you could notice the status as stopped, we’ll start it in the next step.

Review the Configuration details from the Dashboard.

Navigate to Home.

p11_avdf_target_audit_trail_addition3

Start the Audit Trail

Navigate to Targets -> Select the target

p11_avdf_target_audit_start_trail

Select the Trail location and click on Start

p11_avdf_target_audit_start_trail1
p11_avdf_target_audit_start_trail2
p11_avdf_target_audit_start_trail3

Verification of Transaction Log Audit Trails Retrieval

AVADMIN-Agent, Target and Trail Status

Login in as AVADMIN and review the details from Home Dashboard.

p11_avdf_verification
p11_avdf_verification1
p11_avdf_verification2

AVAUDITOR-Target and Audit Report

Login in as AVAUDITOR user review the details in Home Dashboard and Verify the Audit Report (Modifications Before and After)

p11_avdf_avauditor_login
p11_avdf_avauditor_dashboard
p11_avdf_avauditor_targets

For testing a scenario, new GoldenGate extract EXT_TEST has been added and the parameter file contains the information of the table and column details from the Target Database.

p11_avdf_avauditor_test_scenario_GG_target

Now perform the changes in the Oracle EBS in User form to verify the AVDF report has captured the details.

p11_avdf_avauditor_test_scenario_EBS_FND_User

Below screen show the details captured as xml in the GoldenGater Server.

p11_avdf_avauditor_test_scenario_OGG_xml

Review the report.

Navigate: As AVAUDITOR user, Reports -> In Data Access & Modification section -> Data Modification Before-After Values 

p11_avdf_avauditor_test_scenario_report
p11_avdf_avauditor_test_scenario_report1

To Be Continued . . . 

In next post, we’ll be performing the hands-on DF Target Configuration and User-defined Database Firewall Policies, AVDF Agent Start Stop Automations, etc.,