Auditing

Receiving ORA-55940: An error occurred during execution of ktliIngestExternData

During my previous test with Unified Auditing Policies anomalies after upgrade to Oracle 19c, I also hit and error when I queried the unified audit trail. Hence, I make a reminder to myself and would like explain what to do in case you are Receiving ORA-55940: An error occurred during execution of ktliIngestExternData as well.

What a strange error

I created a few policies by myself and did a database upgrade from Oracle 12.2.0.1 to Oracle 19.8.0. And after upgrade, I wanted to check the records in my audit trail. But instead of …

Continue reading...

Check your Unified Auditing Policies after upgrading to Oracle 19c

This may become a longer blog post. One of the customers I work with for many years contacted me a few weeks ago. After upgrade to 19c, it looked like as if some Unified Auditing Policies weren’t correct anymore. It started as a tiny issue, but thanks to the customer who analyzed down to the bones, it seems to be bigger than we thought at the beginning. So you may Check your Unified Auditing Policies after upgrading to Oracle 19c as well.

Check your Unified Auditing Policies after upgrading to Oracle 19c

Photo by Felix Luo on Unsplash

Unified Auditing

Actually a lot of my customers use Unified Auditing these …

Continue reading...

When Fixed Object Stats Gathering takes very long during upgrade …

Over the past days I exchanged several emails with a very important customer regarding Fixed Objects Stats gathering in relation to database upgrade. The customer found out that it takes very long in their environment – over an hour to be precise. Relaxing on the weekend helped me a bit. And this morning, it dawned me that I’ve had two similar cases before already. Plus I didn’t blog about it yet. Now it’s time to tell you a little but about Unified Auditing and the situation when Fixed Object Stats Gathering takes very long during upgrade …

When Fixed Object Stats Gathering takes very long during upgrade ...

Photo by Ayse

Continue reading...

Unified Auditing policies can slow down the upgrade

Unified Auditing policies can slow down the upgradeI posted several blog posts about Unified Auditing in the past. And recently a large customer in the UK alerted me about their upgrades with PDBs from 12.1 to 12.2 taking much longer when Unified Auditing policies were enabled. It looks like as if Unified Auditing policies can slow down the upgrade.

We did some further investigations. See the results below.

Unified Auditing

You find a good number of blog posts explaining how to migrate to Unified Auditing, the performance tweaks in Oracle 12.1.0.2 and some other things:

Continue reading...

Don’t drop the AUDSYS user before upgrading

Don't drop the AUDSYS user before upgradingThis is a very interesting case Martin Berger sent to me a week ago. A colleague and him were basically wondering if they should follow the advice in the Oracle 12.2 upgrade guide and drop the AUDSYS user, or if they better don’t drop the AUDSYS user before upgrading.

What is AUDSYS meant for?

In short, it is the auditing user schema for Oracle 12c and especially Unified Auditing. You’ll find a bit more information regarding Unified Auditing on this blog:

Continue reading...

Unified Auditing – is it ON or OFF in Oracle Database 12.2.0.1?

Just a quick update to my blog post from September 2014:

Any changes in Oracle Database 12.2.0.1?

Unified Auditing - is it ON or OFF in Oracle Database 12.2.0.1?Yes. Significant changes happen to Unified Auditing in Oracle Database 12.2.0.1. Mostly internally as the mechanism used to dump the audit records in Oracle 12.1.0.x when Unified Auditing was on turned out to be very good for write performance, but not so good when you tried to read data. See my blog post from a few weeks ago how to deal with this performance implication and a potential patch:

Continue reading...

Unified Auditing – Performance Improvements in Oracle 12.1.0.2

Unified Auditing got introduced in Oracle Database 12.1.

Unified Auditing - Performance Improvements in Oracle 12.1The downsides of the “old” auditing facilities became obvious when too many users had activities or transactions at the same time leading to audit records being written into AUD$. Contention was a typical issue. The same thing happened when too many users tried to login at the same time. Furthermore protecting the auditing information required Database Vault as there was no default protection available.

This – and some other things – should be remedied by Unified Auditing which is available since Oracle Database 12c. It gets enabled in sort of a “mixed …

Continue reading...

How to migrate to Unified Auditing?

Lock

What is Unified Auditing and is it on by default?

Unified Auditing is the new auditing facility since Oracle Database 12c. But the “old” auditing is still working. And there are a few things to mention if you’d like to make the right choice. I have written some things about it a while ago but as I discovered yesterday my previous blog post (https://blogs.oracle.com/UPGRADE/entry/unified_auditing_is_it_on)  doesn’t satisfy all my needs.

The initial motivation to move towards the new Unified Audit trail is audit performance. The audit records will be written into the read-only table AUDSYS in SYSAUX tablespace. …

Continue reading...

Unified Auditing – is it ON or OFF in Oracle 12c?

Don’t trust our slides – only believe what you’ve verified by yourself 😉

Unified Auditing - is it ON or OFF in Oracle 12c?Actually one of our slides gives a parameter recommendation to set AUDIT_TRAIL since Oracle 11g explicitly to the value you want as otherwise it may switch to “DB” and you may not be aware of it. In conjunction with this setting we explain the new Oracle Database 12c feature Unified Auditing – which is not linked into the kernel and therefore should be off.

Should be … well … thanks to Marco Patzwahl who asked me why he still has over 100 audit records in V$UNIFIED_AUDIT_TRAIL? …

Continue reading...