Can Oracle Audit Vault Database Firewall Read Custom Log File configured in a Non Default Location in Operating System
Last updated on JUNE 21, 2018
Applies to:Oracle Audit Vault and Database Firewall - Version 22.214.171.124 and later
Information in this document applies to any platform.
Evaluating Oracle Audit Vault and Database Firewall hereafter referred as AVDF for reading custom operating system auditing log file at the non-default location. After configuring the Directory audit trail for the custom log file, the audit trail does not start and encounters an error.
Sample Error in Collector log file:
by Default, DIRECTORY audit trail, which Collects audit data from the audit.log file. Default location of audit.log (/var/log/audit/audit*.log) or any custom location configured in the /etc/audit/auditd.conf file.
There is another log file named as "userlog.log" at path /var/log/userlog.log. This file collects OS auditing data based on custom scripting. Trying to add this custom audit log file in AVDF, although its syntax
is much more different than default OS audit.log file.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms