Managing Oracle Virtual Directory Logging Using Oracle Enterprise Manager

Managing Oracle Virtual Directory Logging and Auditing 17-3 configuration for StringMatchFilter class to exclude the log messages containing string c=us: logFilters filter className=com.octetstring.vde.util.StringMatchFilter param name=StringToBeMatched value=c=us param name=AcceptOnMatch value=false filter logFilters To include the log messages, set AcceptOnMatch to true and the log messages will contain the DIT specified in the logFilter configuration. To exclude the log messages, set AcceptOnMatch to false and the log messages will not contain the DIT specified. To enable StringMatchFilter, configure it as a filter for either Logger or Handler defined in the ovd-logging.xml file. The following is an example configuration to specify the filter for LogHandler: logging_configuration log_handlers log_handler name=OVDHandler class=oracle.core.ojdl.logging.ODLHandlerFactory filter=com.octetstring.vde.util.StringMatchFilter property ... property log_handler log_handlers loggers ... loggers logging_configuration

17.2 Managing Oracle Virtual Directory Auditing

Oracle Virtual Directory utilizes the Common Audit Framework of the Oracle Application Server 11g infrastructure for compliance, monitoring, and analytics purposes. You can use Oracle Enterprise Manager Fusion Middleware Control and WLST as the interface to the Common Audit Framework to manage Oracle Virtual Directory auditing. This topic contains the following sections on managing Oracle Virtual Directory auditing: ■ Managing Oracle Virtual Directory Auditing Using Fusion Middleware Control ■ Managing Oracle Virtual Directory Auditing Using WLST ■ Understanding Audit Data

17.2.1 Managing Oracle Virtual Directory Auditing Using Fusion Middleware Control

You can use Oracle Enterprise Manager Fusion Middleware Control to perform Oracle Virtual Directory auditing tasks, including managing: ■ Audit policies ■ Audit data collection and storage ■ Audit reports Note: The server.os_xml, ovd-logging.xml, and adapters.os_xml files are located in the following directory: ORACLE_INSTANCE configOVDconfigCOMPONENT_NAME 17-4 Oracle Fusion Middleware Administrators Guide for Oracle Virtual Directory The auditing procedure for most Oracle Fusion Middleware components, including Oracle Virtual Directory, is similar and explained in detail in the Oracle Fusion Middleware Security Guide. The following is an overview of the procedure for auditing Oracle Virtual Directory using Oracle Enterprise Manager Fusion Middleware Control:

1. From the Oracle Virtual Directory menu, select Security, then Audit Policy

Settings .

2. From the Audit Policy list, select Custom to configure your own filters, or one of

the filter presets, None, Low, or Medium. 3. To audit only failures, click Select Failures Only. 4. To configure a filter, click the Edit icon next to its name. The Edit Filter dialog for the filter appears. 5. Specify the filter condition using the buttons, selections from the menus, and strings that you enter. Condition subjects include Initiator, Target, Remote IP, and Resource. Condition tests include -contains, -contains_case, -endswith, -endswith_ case, -eq, -matches, -ne, -startswith, and -startswith_case. Enter values for the tests as strings. Parentheses are used for grouping and AND and OR for combining.

6. To add a condition, click the Add icon.

7. When you have completed the filter, click OK.

17.2.2 Managing Oracle Virtual Directory Auditing Using WLST

You can use WLST to perform Oracle Virtual Directory auditing tasks, including: ■ Getting viewing audit policy using getAuditPolicy ■ Setting audit policy using setAuditPolicy ■ Listing viewing audit events using listAuditEvents For components that manage their audit policy locally, such as Oracle Virtual Directory, you must include an MBean name as an argument to the command. The name for an Audit MBean is of the form: oracle.as.ovd:type=component.auditconfig,name=auditconfig,instance=INSTANCE, component=COMPONENT_NAME See: The Oracle Fusion Middleware Security Guide for complete information about auditing Oracle Virtual Directory using Oracle Enterprise Manager Fusion Middleware Control. See: For complete information about managing Oracle Virtual Directory auditing using WLST, refer to the following documents: ■ Oracle Fusion Middleware Security Guide ■ Oracle Fusion Middleware WebLogic Scripting Tool Command Reference Note: The Audit MBean in the preceding example should be one continuous string. It is shown on two lines in this document because of spacewidth limitations in this document.