Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Em12c Compliance Part4 2152834

    Hochgeladen von

    Igor Igoroshka
    10 Ansichten64 Seiten
    Em12c Compliance Part4

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Em12c Compliance Part4

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    10 Ansichten64 Seiten

    Em12c Compliance Part4 2152834

    Hochgeladen von

    Igor Igoroshka
    Em12c Compliance Part4

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 64

    1

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    (Example : Checking File Permissions )

    Custom Compliance
    using Command Based Configuration Extension

    Enterprise Manager 12c


    Compliance Management
    Part 4

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    example shown.

     The process to check ownership or group would be very similar to the

    is set to 644 and is in violation.

     The sample will be based on the following installation. Here listener.ora

     Check the file permissions for file listener.ora are set to 640.

    Command Based Configuration Extension and Check

    Example Overview

    No

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Yes

    Compliance
    Rule Exists?

    Yes

    Required
    Data Collected?

    No

    Create Custom
    Compliance Rule

    Extend Target
    Using Configuration
    Extension

    Follow the flow for each custom validation.

    Custom Compliance Methodology

    Add Compliance
    Rule to Compliance
    Standard

    Note: There are several Oracle provided checks for recommended file
    ownership, group and permission but none match our exact needs.

    b)

    Answer = No.

    Be sure to follow the Custom Configuration Setup steps later in this


    presentation to setup monitoring credentials BEFORE continuing.

    So we must build a configuration extension first, deploy it to the


    targets and then create a custom rule using the newly collected data.

    a)

    Next we check if the default configuration data of the DB contains the


    data we need to validate.

    Answer = No

    a)

    Check if there is an Oracle provided rule that matches our needs

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    3.

    2.

    1.

    Follow Custom Compliance Methodology

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Go to Enterprise->Configuration->Configuration Extensions

    Start at the Configuration Extensions Page

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Create

    Create new Configuration Extension

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter Name and select Target Type. Click Use Target Variables

    Use Target Properties for deployment variations

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Select OracleHome Target Property. Click OK.

    Oracle Home is specific to each target instance

    10

    You must specify a custom


    monitoring credential for
    command type custom
    configurations due to security
    requirements. See appendix for
    instructions on how to create.

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Choose Command Type, Enter ls l command, Enter unique name for Alias, select parser as shown.

    Append path to network files

    Provide remaining inputs and click Preview

    Use Sample target to ensure proper operation

    11

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    The file/directory name will be


    the Container in our
    compliance rule query.
    Notice each file attribute has a
    property name we can use to
    validate its value.

    Ensure proper parsing and click OK.

    Note the parsed attributes available for later

    12

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Save.

    Complete the creation when validated.

    13

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Manage Deployments

    Deploy Configuration Extension to targets

    14

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Add to select targets

    Initiate target selection

    15

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Caution : Only choose targets that have


    the monitoring credentials setup already.

    Choose 1 or more targets and click Select.

    Choose targets

    16

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Save to deploy Configuration Extension

    Initiate deployment

    17

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Refresh until deployment successful ( Green Check )

    Confirm successful deployment

    18

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    From Target Home Page, Select Last Collected menu item

    Confirm successful collection

    19

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Notice how the Alias name


    provided in the custom
    configuration appears here.

    Open listener.ora details.

    Confirm configuration collected properly

    20

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    command type Configuration Extension.

     We are now ready to create a custom compliance rule against the

    Custom Compliance Rule using Command Type


    Configuration Extension

    21

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Go to Compliance->Library

    Start at the Compliance Library Page

    22

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Create on Compliance Standard Rules tab

    Create a new Compliance Rule

    23

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Select Repository Rule and Click Continue

    Choose repository to access collected data

    24

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Provide inputs and click Next

    Rule details set applicability and severity

    25

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Model.

    Build the query graphically

    26

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Properties

    Use target model to select properties

    27

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Choose Properties as indicated and click OK.

    Parsed data is used for compliance

    28

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter filter criteria, uncheck Data Source and click OK.

    Narrow focus to file(container) of interest

    29

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter message details and click Next

    Messages give high level synopsis.

    30

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    To use a column in
    a SQL condition,
    precede the name
    with a colon. :

    Choose Key, Hide Info and enter Where Clause. Click Next

    Violation Conditions determine pass/fail.

    31

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click chooser to select a sample target.

    Test a sample targets compliance

    32

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Select a target and click Select

    Choose target with custom config deployed

    33

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Run Test

    Initiate test

    34

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Verify Violation and click Next.

    Violations confirm proper operation

    35

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Finish

    Save the rule

    36

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Compliance Standards tab.

    Confirm rule saved properly.

    37

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Create

    Create a new standard

    38

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter required inputs and click Continue

    Standard details confirm scope and type.

    39

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Provide inputs as shown

    State determines its display on dashboard.

    40

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Right Click standard name. Select Add RulesI

    Add compliance rules to standard

    41

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Use filter to find and select rule. Click OK.

    Add newly created rule

    42

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Save

    Save standard with single rule.

    43

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Associate Targets

    Associate targets to new standard

    44

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Add

    Choose targets from pool

    45

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Choose Target and click Select

    Only choose targets with custom config

    46

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click OK.

    Save association

    47

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Go to Enterprise->Compliance->Results

    Switch to Compliance Results

    48

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Select Standard and click Show Details

    View the evaluation details

    49

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Rule Name

    Summary shows violations by target or rules.

    50

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Violation Events tab

    Confirm the violation by viewing details

    51

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Violation Events tab

    View Rule Violation Summary by Target

    52

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Violation Count

    View Violation Details Success!

    53

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Example
    End

    54

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Command Type
    Configuration Extension
    Setup

    55

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

     The following steps are based on Enterprise Manager 12.1.0.3

    For Command Example Setup OS credentials for DB Instance

     Setup New Monitoring Custom Credential

     Cannot use Agent credentials

    Command Type Custom Configuration

    56

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Create

    Use Configuration Extension to Create

    57

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter Name, Select Target Type and click Add Monitoring Credentials

    Enter temporary details to activate Create

    58

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter Name and Click OK

    Create New Monitoring Credential Set

    59

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Click Cancel

    Note: A Monitoring Credential of this


    name is now associated with every
    target of this type. We must now set
    the credential values for at least 1
    sample target so we can use it
    during test.

    Cancel the Create process

    60

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Choose the Target


    Type and select
    Manage Credentials

    Select Database Instance and Click Manage Monitoring Credentials

    Choose the Target Type of Custom Configuration

    61

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Select Sample Target/Credential Set and Click Set Credential

    Set the values for the target/credential set

    62

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Enter Username/Password and click Test and Save

    Enter and Test Credentials

    63

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Ensure credentials set successfully

    Success!

    We can now create a


    Command Custom
    Configuration using this
    Monitoring Credentials set
    and sample target.

    64

    Copyright 2014, Oracle and/or its affiliates. All rights reserved.

    Das könnte Ihnen auch gefallen