Enable Auditing in Oracle Access Manager 11g to database

This post explains the steps to enable auditing to a database in Oracle Access Manager 11g. The overview of auditing in Oracle Access Manager 11g is explained here. By default, the audit information is stored in the bus-stop file. Follow the steps below to configure Oracle Access Manager auditing to a database.

1. Run RCU to create the Audit schema: While running RCU for the OAM environment, you can select the Audit schema if you want to store the audit information in the database. If this option was not selected and the schema was not created, create the schema by running RCU. You need to select the Audit Services component in RCU to create the required schema for OAM auditing. This will create the required schema <prefix>_IAU for auditing. Oracle recommends using a separate database for auditing.

2. Create Audit Data Sources: Follow the steps below to create the audit data source.

Log in to the OAM WebLogic Console.

Click on Lock and Edit.

Then navigate to IDM_DOMAIN > Services > Data Sources > DataSources >

Click on New > Generic DataSource

Enter the following parameters and then click Next:

Name: AuditDB

JNDI Name: jdbc/AuditDB

Database Type: Oracle (in this example, we are using an Oracle database to store audit data, hence select the database type as Oracle)

On the next page, select the database driver.

On the next page, click Next.

On the next page, enter the database details and click Next.

Click on Test Configuration to validate the database details entered on the previous page.

The connectivity test status is displayed.

Click on Next to continue, and on the next page select the target on which to deploy the JDBC data source.

Click on Finish to continue.

3. Update the Audit Store to Database: Follow the steps below to change the audit store from file to database.

Log in to the EM Console.

Expand Farm_idm_domain > WebLogic Domain.

Right-click on idm_domain and select Security > Audit Store.

Click on Search, select the data source that you have just created, and click on OK.

Click on Apply.

Restart the WebLogic Admin and managed servers.

The OAM auditing configuration is available in the file DOMAIN_HOME/config/fmwconfig/jps-config.xml:

<serviceInstance name="audit" provider="audit.provider">
    <property name="audit.filterPreset" value="None"/>
    <property name="audit.maxDirSize" value="0"/>
    <property name="audit.maxFileSize" value="104857600"/>
    <property name="audit.loader.jndi" value="jdbc/AuditDB"/>
    <property name="audit.loader.interval" value="15"/>
    <property name="audit.loader.repositoryType" value="DB"/>
</serviceInstance>
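
One way to confirm after the restart that the audit service instance in jps-config.xml really points at the database is to parse the file and check the three properties that matter. This is an added example, not part of the original post: the function names and the wrapper root element in the sample are assumptions, and treating a filterPreset of None as a finding is this example's own choice.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the audit serviceInstance from this post, wrapped in a
# minimal root element (the wrapper is an assumption) so it parses on its own.
SAMPLE = """<jpsConfig>
  <serviceInstances>
    <serviceInstance name="audit" provider="audit.provider">
      <property name="audit.filterPreset" value="None"/>
      <property name="audit.maxDirSize" value="0"/>
      <property name="audit.maxFileSize" value="104857600"/>
      <property name="audit.loader.jndi" value="jdbc/AuditDB"/>
      <property name="audit.loader.interval" value="15"/>
      <property name="audit.loader.repositoryType" value="DB"/>
    </serviceInstance>
  </serviceInstances>
</jpsConfig>"""

def local(tag):
    """Strip an XML namespace prefix such as '{uri}serviceInstance'."""
    return tag.rsplit("}", 1)[-1]

def audit_properties(xml_text):
    """Return the name->value properties of the 'audit' service instance."""
    root = ET.fromstring(xml_text)
    for elem in root.iter():
        if local(elem.tag) == "serviceInstance" and elem.get("name") == "audit":
            return {p.get("name"): p.get("value")
                    for p in elem if local(p.tag) == "property"}
    return None

def check_audit_store(xml_text, expected_jndi="jdbc/AuditDB"):
    """Return a list of findings; an empty list means the checks passed."""
    props = audit_properties(xml_text)
    if props is None:
        return ["no serviceInstance named 'audit' found"]
    findings = []
    if props.get("audit.loader.repositoryType") != "DB":
        findings.append("audit.loader.repositoryType is not DB")
    if props.get("audit.loader.jndi") != expected_jndi:
        findings.append("audit.loader.jndi does not match " + expected_jndi)
    if (props.get("audit.filterPreset") or "None").lower() == "none":
        findings.append("audit.filterPreset is None")
    return findings

if __name__ == "__main__":
    for finding in check_audit_store(SAMPLE) or ["audit store checks passed"]:
        print(finding)
```

To run it against a real domain, pass the contents of DOMAIN_HOME/config/fmwconfig/jps-config.xml to check_audit_store instead of SAMPLE.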

4. Enable auditing in the OAM console.

Log in to the OAM console and make the changes on the OAM console > Settings page.

Change the filters to ALL to audit all the OAM events to the database.

Now access an OAM-protected page and log in to access the application. You can see that the OAM audit tables are being updated.
