Oracle 12c Security – SQL Translation and Last Logins

There has been some big new security items added to 12cR1 such as SHA2 in DBMS_CRYPTO, code based security in PL/SQL, Data Redaction, unified audit or even privilege analysis but also as I hinted in some previous blogs there are....[Read More]

Posted by Pete On 31/07/13 At 11:11 AM

Log Buffer #367, A Carnival of the Vanities for DBAs

Log Buffer is globe trotting this week from end to end. From every nook, it has brought you some sparkling gems of blog posts. Enjoy!!!

Oracle:

On April 16th, Oracle announced the Oracle Virtual Compute Appliance X4-2.

Do your Cross Currency Receipts fail Create Accounting?

Oracle Solaris 11.2 Launch in NY.

WebCenter Portal 11gR1 dot8 Bundle Patch 3 (11.1.1.8.3) Released.

What do Sigma, a Leadership class and a webcast have in common?

SQL Server:

Stairway to SQL Server Agent – Level 9: Understanding Jobs and Security.

SQL Server Hardware will provide the fundamental knowledge and resources you need to make intelligent decisions about choice, and optimal installation and configuration, of SQL Server hardware, operating system and the SQL Server RDBMS.

SQL Server 2014 In-Memory OLTP Dynamic Management Views.

Why every SQL Server installation should be a cluster.

SQL Server Backup Crib Sheet.

MySQL:

Looking for Slave Consistency: Say Yes to –read-only and No to SUPER and –slave-skip-errors.

More details on disk IO-bound, update only for MongoDB, TokuMX and InnoDB.

Making the MTR rpl suite GTID_MODE Agnostic.

Open Source Appreciation Day’ draws OpenStack, MySQL and CentOS faithful.

MongoDB, TokuMX and InnoDB for disk IO-bound, update-only by PK.

Webcast: Database Cloning in Minutes using Oracle Enterprise Manager 12c Database as a Service Snap Clone

Since the demands
from the business for IT services is non-stop, creating copies of production
databases in order to develop, test and deploy new applications can be
labor intensive and time consuming. Users may also need to preserve private
copies of the database, so that they can go back to a point prior to when
a change was made in order to diagnose potential issues. Using Snap Clone,
users can create multiple snapshots of the database and “time
travel
” across these snapshots to access data from any point
in time.


Join us for an in-depth
technical webcast and learn how Oracle Cloud Management Pack for Oracle
Database's capability called Snap Clone, can fundamentally improve the
efficiency and agility of administrators and QA Engineers while saving
CAPEX on storage. Benefits include:



  • Agile provisioning
    (~ 2 minutes to provision a 1 TB database)

  • Over 90% storage
    savings

  • Reduced administrative
    overhead from integrated lifecycle management


Register
Now!


April 24 — 10:00 a.m. PT | 1:00 p.m. ET

May 8 — 7:00 a.m. PT | 10:00 a.m. ET | 4:00 p.m. CET

May 22 — 10:00 a.m. PT | 1:00 p.m. ET





Indexing Foreign Key Constraints With Bitmap Indexes (Locked Out)

Franck Pachot made a very valid comment in my previous entry on Indexing Foreign Keys (FK) that the use of a Bitmap Index on the FK columns does not avoid the table locks associated with deleting rows from the parent table. Thought I might discuss why this is the case and why only a B-Tree index does […]

Netherlands ADF Event with AMIS: Enterprise to Mobility

For Oracle customers interested in ADF, mobility and all things enterprise, Frank Nimphius, Steven Davelaar and myself have the pleasure of attending and presenting at an AMIS hosted ADF conference Wednesday May 21st through Friday May 23rd in Nieuwegein Netherlands.  

Rarely is there a conference focused purely on ADF and ADF Mobile, especially 3 days worth, so as you can appreciate this represents a unique opportunity to talk and learn from your ADF peers.  What makes this conference particularly interesting from my perspective is that it's not just Oracle staff giving the Oracle view of the world, but AMIS staff, Oracle ACE/ACE Directors and real customers will also be presenting.  I'm betting there is going to be a few "friendly debates" during the 3 days.

(though Oracle staff reserve the right to be always right regardless, it's in the safe harbour slide don't you know ;-)

We hope you'll take the opportunity to join us in May. You can check out a full description of the agenda via this AMIS blog post, as well as this site for registration.

KeePass 2.26 Released

KeePass 2.26 has recently been released. I would suggest going with the portable version, which is an unzip and go application.

If you want to know how I use KeePass, check out my article called Adventures with Dropbox and KeePass.

Cheers

Tim…


KeePass 2.26 Released was first posted on April 16, 2014 at 11:08 pm.
©2012 "The ORACLE-BASE Blog". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement.

MobaXterm 7.1 Released

If you are using a Windows desktop, you need MobaXterm in your life! Version 7.1 has recently been released…

I know you think you can’t live without Putty, Cygwin and/or Xming, but you really can. Give MobaXterm a go and I would be extremely surprised if you ever go back to that rag-tag bunch of apps…

Cheers

Tim…

PS. Includes “Updated OpenSSL library to 1.0.1g (for “Heartbleed Bug” correction)”


MobaXterm 7.1 Released was first posted on April 16, 2014 at 11:03 pm.
©2012 "The ORACLE-BASE Blog". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement.

WordPress 3.9 Released

Hot on the heels of WordPress 3.8.3 comes WordPress 3.9! The downloads and changelog are in the usual places.

I’ve just manually initiated the auto-update on five blogs and all went through OK.

Cheers

Tim…


WordPress 3.9 Released was first posted on April 16, 2014 at 10:20 pm.
©2012 "The ORACLE-BASE Blog". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement.

EM12c Utilizing After Hours Notification Schedule- Part II

Now that we learned in Part I how to create a notification schedule for a specified user so that it will only page one individual on an oncall rotation, I’ll now show you how to use this in conjunction with rulesets to complete the process of modernizing and automating your oncall.

In my Test scenario, I’ve already made copies of the main rule sets, have deviated rules by three rules and four groups, (mission critical, production, test and development.)

  • Mission critical are all systems that I WANT to be paged for after hours and need to know immediately if there is an issue.
  • Production are important systems that I want to be notified of, but do NOT want to wake up resources at night time of, as these incidents will not cause an outage and can be addressed in the business day.
  • Development and test, for this example, will be treated the same way and will only email issues to the DBA team, as the development group has privileges to often address issues they have caused in the process of developing and testing.

With this said, now we look at our Rule Sets.  Notice I’ve disabled the default rules that come with the EM12c, but have made copies that I can use to offer the best value to the business.

rule_sets_dba_notif2

 

Let’s click on the left box to the rule named Mission Critical Incident Rule Set and click on Actions, Edit.

rule_sets_dba_notif3

 

Notice that the rule set is only specific to Specific Targets by group and the group is Mission Critical.  We then click on the Rules tab and we can update the current rule setting to use our new DBA_PAGE user!

Editing the Rule Set

There are two things we are going to do to the first, major rule set for metric alerts.

1.  We are going to limit the categories that we want to be notified for.  I want you to see this option so you can decide what categories that you want to page on and can update this as you want.  For our example, I am going to limit our metric rule set to the categories of Capacity and Availability.  At the end, I’ll show you how to create a second rule to email on the rest.

Click on the left of the rule set and then click on Edit up in the menu bar.

rule_sets_dba_notif4

 

We’ll then edit the categories to limit to the two we spoke about above.  You’ll be able to see all the categories in the drop down and note in your incident notifications you receive what categories are important to you for email vs. pages.

rule_sets_dba_notif5

 

Click on Next to continue onto the actions.

2.  We are going to update the rule to use the new DBA_PAGE user to page for the metric alerts in these two categories.

rule_sets_dba_notif6

 

 

We’ve already got a pretty advanced set of actions to perform in the Action Summary.  I like to automate many of the Incident Manager tasks, but this time around, we are going to add a page option to the actions.  The firsts rule is already highlighted, so simply click on Edit in the menu bar to proceed.

rule_sets_dba_notif7

I’m going to have all paged Incidents assigned automatically to the DBA_PAGE user and then I’m going to add the DBA_PAGE in the Page section in the Basic Notification section.

rule_sets_dba_notif8

You can also enable Repeat notifications if you want to take this one step further, (we’ll go into this more in another blog post, but I thought I’d at least show it to you in this one… :))

If satisfied, I’d recommend clicking in the box to clear events permanently to keep your repository cleaned up and then click continue to review the changes you’ve made:

rule_sets_dba_notif9

 

You’ll now see that the owner for the incident will be set to the DBA_PAGE user and you now page the DBA_PAGE user along with emails sent.  Keep in mind, only during the notification schedule active times will this be able to notify, so Monday-Friday, 8-5, no paging will occur as that’s how we set it up in our Part I of this blog post series.

We now need to do this for each of the rules that we want to page on from this rule set:

  • Create incident for critical metric alerts, (for only two categories…)
  • Create incident for critical Service Level Agreement Alerts
  • Incident creation Rule for Target Down availability stattus
  • Incident creation rule for high-availability events.

As promised, I think created a new rule set to cover the categories no longer covered in the original.  Click on Create in the menu bar and create the following rule:

rule_sets_dba_notif10

 

Add the following Actions, ENSURING you do not choose to PAGE and assign the rule to SYSMAN as you would do your standard rules you did before.  This is just to cover all your other categories, but NOT PAGE on them.

rule_sets_dba_notif11

 

Complete the review, name the rule Metric Alert for All Other Categories to Email and then click Save and then SAVE ALL YOUR CHANGES you’ve made.

You have now updated all the rule sets to use the DBA_PAGE user we set up in Part I of this series and it will only notify that user during the scheduled time it is to be active, in this case, just for after hours support and to rotate on a one week schedule between three DBA’s SMS contact information!

 

 

 

 



Tags:  

Del.icio.us
Facebook
TweetThis
Digg
StumbleUpon


Copyright © DBA Kevlar [EM12c Utilizing After Hours Notification Schedule- Part II], All Right Reserved. 2014.

OEM After Hours Notification Schedule Option- Part I

I came across a discussion on Oracle-l on how after hours paging was handled for many companies and was kind of surprised how many DBAs still carry around a secondary pager/cell phone or are just expected to be woke up if on call or not.  I’m not one to go back to sleep once I’m woke, so I’ve been a proponent of EM notification schedules for after hours paging.  Now there are other ways to handle this in Enterprise Manager 12c as well, but we’ll use this method, as it is backward compatible to OEM 10g, too.

The requirement of this setup is to have an inbox alerting option separate from your SMS/Texting option on your smartphone, which can be Android or iphone, even blackberry, any of these are more than acceptable to satisfy the requirement.  The next is know your SMS notification email address.

Example-  TMobiles would be <cell number>@tmomail.net and ATT would be <cell number>@mms.att.net.

Your mobile provider can verify what your email extension is for your SMS address.  With this information in hand, you can then proceed with the setup.  The design is simple-  All email notification will continue to go to your email, no matter if warnings or critical, but we will create a secondary user that will have the SMS addresses for the DBAs oncall and set them up for a rotation to be notified of critical issues.

Sit down and first figure out how often you want to rotate your schedule, weekly, every two weeks, once per month and any vacation or time off coming up.  That should tell you what your rotation needs to be to keep things sane.

Create the Paging User in Enterprise Manager

First we need to create the user that will then be utilized for paging.  This can be done from the Setup, Security, Administrators menu in the console.

admin_pg_0416

We have all our DBAs currently listed, but for this user, we will need each of their SMS addresses and once you have those, click on Create.

Name the user DBA_PAGE and put in the following values, and it can be set to an Administrator, but just for this example, I shortened the process and created it as a Super Admin, (this is not required…)

dba_page_0416

Note that I’ve entered each of the DBA’s SMS addresses into the Email Address section, separated by commas and that I’ve entered a clear description of what this login is used for.

Click on Finish and your new DBA_PAGE user is now listed.

admin_pg_2_0416

Managing the DBA_PAGE User

Once you’ve completed the entry and then log out of the EM12c console as your current user and log back in as the DBA_PAGE user, (just easier to manage the notification schedule as this user…)

dba_page_login_0416

 

Next you need to create the notification schedule, but I’ll first show you how you can add more users easily to this Administrator:

dba_page_login_3_0416

 

Once you’ve accessed this page, you will note that new email addresses can be added easily:

dba_page_info

 

The Add Another Row option will allow you to add another SMS address and then you can check mark just that address and test it.  You can also remove addresses from here of DBAs that have moved on from the company.

Editing the My Notification Schedule

dba_page_notif_sched1

 

This is again accessed from the Setup menu on the right hand of screen and once you are in the My Notification Schedule, you will see the following:

dba_page_notif_sched2

This is the default schedule, starts from the day the user was created and would notify ALL email addresses in the list.  We are going to replace this schedule with a new one that supports a three week rotation of oncall, notifying on one DBA each week, switching automatically each week to the next DBAs SMS address.

Click on Edit Schedule Definition in the upper right of the screen.

dba_page_notif_sched3

As starting a rotation in the middle of a schedule would be difficult, we are going to choose the following Monday as our beginning.  You can see the default is a one week rotation and that the time zone is set to Canadian Central Time, (I have no idea where that came from… :))

dba_page_notif_sched4

 

For our example, we are going for a three week rotation, (three DBAs, three week rotation… :)) We’ll start the rotation this following Monday, April 21st and we’re going to say that the DBAs are on Mountain Time.

We are then given a schedule of three weeks to fill in for who is oncall.  By default, it will want to offer us all three SMS addresses entered for the user.  We will only use the first one, we will click on Week 1 to fill in, ensure we are VIEWING Week 1 and now to fill in our schedule.

dba_page_notif_sched5

 

To create a schedule that DOES NOT notify during business hours, there is a batch file for each week of three steps.  There is no way around this, so I’ll use the following schedule creation and then repeat it for the 2nd and 3rd week for the two other DBAs.

dba_page_notif_sched6

 

Now notice that we’re still viewing and editing week 1, and choosing all the days, but I’ve changed the time to show 12am-8am to fill in with the first DBA’s SMS address.

Finally, we fill in for the last time slot, Saturday and Sunday during the weekend daytime.

dba_page_notif_sched7

 

Your scheduled should now look something like this, with all sections above and below business hours filled in with the 1st DBA’s SMS Address for notifications:

dba_page_notif_sched8

 

We then will click on the down arrow button on the View menu and choose the second week, then do the same for the check mark in the box for Weeks, ensuring we are changing the schedule for Week 2.  We’ll repeat the scheduling, but will also change the Email Address to the second DBA’s SMS Address by clicking on the search.

dba_page_notif_sched9

Once you have filled in everything for the Second DBA, you will switch to View Week 3 and edit Week 3 for the third DBA and fill in that schedule:

dba_page_notif_sched10

 

Once completed, Save the changes.

The default view may alarm you at first, as it will be empty:

dba_page_notif_sched11

 

The reason is the first date that is shown, which is the current date and if you remember from our example, we decided to start our rotation on April 21st.  Go to the View Week Containing and change it to April 21st.

You will now see the rotation schedule for the first DBA for after hours.

dba_page_notif_sched13

 

Updating the date for the next week will display the 2nd DBA’s rotation:

dba_page_notif_sched14

 

And then if you switch the date to first week of May, we see the third DBA:

dba_page_notif_sched15

 

If you go past that, you’ll see that the rotation continues, starting again with the first DBA for the next week and will continue on without change unless you edit or replace the schedule.

If for some reason, let’s say a DBA can’t take a shift that is in their weekly schedule for one night, you can go into that DAY’s shift and edit it to one of the other two DBAs in the list.

Now you’ve finished setting up an after hours pager in a notification schedule.  In Part II, I will show you how to use the notification schedule/user with rule sets to page on critical notifications.

 

 

 

 



Tags:  

Del.icio.us
Facebook
TweetThis
Digg
StumbleUpon


Copyright © DBA Kevlar [OEM After Hours Notification Schedule Option- Part I], All Right Reserved. 2014.