10-28 Oracle Complex Event Processing Administrators Guide properties element nameusername valuejulietvalue element element namepasswordname value{Salted-3DES}hVgC5iZ3nZA=value element properties driver-params data-source transaction-manager nameTMname rmi-service-nameRMIrmi-service-name transaction-manager For more information, see: ■ Section 10.1.8, Specifying User Credentials When Using the Command-Line Utilities ■ Section C.2, The encryptMSAConfig Command-Line Utility For more information about JDBC, see Chapter 13, Configuring JDBC for Oracle CEP

10.8.4 Configuring HTTP Publish-Subscribe Server Channel Security

After you configure at least one HTTP publish-subscribe server channel, you can use role-based authentication to control access to individual HTTP publish-subscribe server channels using the Oracle CEP Visualizer. For more information, see: ■ Section 10.1.3, Users, Groups, and Roles ■ Chapter 14, Configuring HTTP Publish-Subscribe for Oracle CEP ■ Configuring Security for the HTTP Publish-Subscribe Channels in the Oracle Complex Event Processing Visualizer Users Guide.

10.9 Configuring the Oracle CEP Security Auditor

Oracle CEP provides a security auditor that logs security-related activity. By default, the security auditor logs to DOMAIN_ DIR servernamelegacy-rootdirserverslegacy-server-namelogsDe faultAuditRecorder.log file, where DOMAIN_DIR refers to the main directory of your domain, such as d:\oracle_cep\user_projects\domains\mydomain, and servername refers to the name of your server. By default, the Oracle CEP security auditor will only log security errors or failures. This helps keep the security auditor log file at a manageable size. Optionally, you can configure the level at which the Oracle CEP security auditor logs information. For more information, see Configuring the WebLogic Auditing Provider in the Oracle Fusion Middleware Securing Oracle WebLogic Server. To configure security auditor logging: 1. Change to the DOMAIN_DIRservernameconfig directory, where DOMAIN_ DIR refers to the main directory of your domain, such as d:\oracle_cep\user_ Configuring Security for Oracle CEP 10-29 projects\domains\mydomain, and servername refers to the name of your server: prompt cd d:\oracle_cep\user_projects\domains\mydomain\defaultserver\config 2. Using your favorite text editor, edit the security.xml file. 3. Locate the sec:auditor element. Example 10–15 shows the default sec:auditor element configuration: Example 10–15 Default sec:auditor Element sec:auditor xsi:type=wls:default-auditorType sec:namemy-auditorsec:name wls:severityCUSTOMwls:severity wls:rotation-minutes720wls:rotation-minutes wls:error-audit-severity-enabledtruewls:error-audit-severity-enabled wls:failure-audit-severity-enabledtruewls:failure-audit-severity-enabled sec:auditor 4. Modify the sec:auditor element as required: ■ wls:rotation-minutes: Specifies how many minutes to wait before creating a new DefaultAuditRecorder.log file. At the specified time, the audit file is closed and a new one is created. A backup file named DefaultAuditRecorder.YYYYMMDDHHMM.log for example, DefaultAuditRecorder.200405130110.log is created in the same directory. ■ wls:severity: Specifies the severity level appropriate for your Oracle CEP server as Table 10–3 lists. The Oracle CEP security auditor audits security events of the specified severity, as well as all events with a higher numeric severity rank. For example, if you set the severity level to ERROR, the Oracle CEP security auditor audits security events of severity level ERROR, SUCCESS, and FAILURE. You can also set the wls:severity level to CUSTOM, and then enable set to true or disable set to false the specific severity levels you want to audit using one or more of the following child elements as Example 10–15 shows: – wls:information-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child element to true causes the Oracle CEP security auditor to generate audit records for events with a severity level of INFORMATION. – wls:warning-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child elemnent to true causes the Oracle CEP Table 10–3 Oracle CEP Security Auditor Severity Levels Event Severity Rank INFORMATION 1 WARNING 2 ERROR 3 SUCCESS 4 FAILURE 5