Manage ASM Audit Files with syslog
(Doc ID 1559573.1)
Last updated on FEBRUARY 07, 2022
Applies to:Oracle Database Cloud Exadata Service - Version N/A and later
Oracle Database Cloud Service - Version N/A and later
Oracle Cloud Infrastructure - Version N/A and later
Oracle Exadata Storage Server Software - Version 22.214.171.124.0 and later
Linux OS - Version Oracle Linux 5.9 and later
Information in this document applies to any platform.
The audit file destination directories for an ASM instance can grow to contain a very large number of files if they are not regularly maintained. Having a very large number of files can cause the file system to run out of free disk space or inodes, or can cause Oracle to run very slowly due to file system directory scaling limits, which can have the appearance that the ASM instance is hanging on startup.
This document explains how to use the Linux syslog facility to manage ASM auditing records so that ASM auditing records are recorded by the operating system syslog facility instead of individual files in the audit_dump_dest directory.
These steps must be performed for the ASM instance on every database server.
This document explains how to manage the auditing records for ASM instances only. For complete database auditing overview and instruction on managing and purging the database audit trail, refer to the Oracle Database Security Guide at https://docs.oracle.com/cd/E18283_01/network.112/e16543/auditing.htm .
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|Step 1 - Set ASM initialization parameters AUDIT_SYSLOG_LEVEL and AUDIT_SYS_OPERATIONS|
|Step 2 - Configure /etc/syslog.conf for ASM auditing|
|Step 3 - Configure logrotate to manage syslog log files|
|Step 4 - Restart ASM instances and syslog service|
|Step 5 - Verify ASM audit records are created in /var/log/asmaudit.log|