EventLog Analyzer for effective Oracle Database auditing and compliance
This guide serves as your comprehensive resource for leveraging ManageEngine EventLog Analyzer to audit, monitor, and secure Oracle Database. It covers the auditing, threat detection, and data security use cases that the log management solution supports, along with its comprehensive compliance reporting capabilities.
Understanding Oracle Database auditing reports: Use cases
Oracle Database auditing captures detailed information about user activities within the database. The data gathered through auditing provides valuable insights into user actions, enabling you to monitor access patterns and identify potential security risks.
Use case | Description | Why implement? | Available reports |
---|---|---|---|
Database activity monitoring | Database activity monitoring involves tracking and analyzing changes, queries, and user actions within a database to ensure data security, detect unauthorized access, and maintain data integrity. | Implementing database activity monitoring enables early detection of suspicious activity, helping prevent potential breaches and data loss. It also supports compliance with regulations by ensuring consistent oversight of sensitive data handling. | |
Auditing account management | Auditing account management in Oracle Database involves tracking and recording changes to user accounts, roles, and privileges to ensure security and compliance. | To detect unauthorized access or modifications, ensure regulatory compliance, and maintain data integrity by monitoring user activities and changes within the database. | |
Auditing server report | An auditing server report in Oracle Database tracks and logs database activities, providing detailed records of user actions for security and compliance purposes. | Implementing this ensures the detection of unauthorized access or anomalies, aids in regulatory compliance, and enhances the overall security posture of the database system. | |
Security reports | Security reports in an Oracle Database provide detailed information about the security posture and potential vulnerabilities of the database system. | Implementing security reports is crucial to identify and mitigate security risks, ensure compliance with regulatory standards, and protect sensitive data from unauthorized access. | |
Threat detection use cases
The table below outlines the preconfigured threat detection scenarios supported for the Oracle Database platform through EventLog Analyzer. Additionally, our solution provides a customizable correlation rule builder, empowering users to craft their own detection rules.
Use case | Event type | Relevant MITRE ATT&CK TTPs | Detection rules |
---|---|---|---|
SQL injection | Event ID 24001 - Login success | | |
Account lockouts | Event ID 4740 - A user account was locked out. | | Reports: Applications - Oracle - Security Reports |
Denial of service | Event ID 5149 - Success audit | | Reports: Applications - Oracle - Security Reports |
Compliance
The table below illustrates how EventLog Analyzer can help you meet compliance use cases for Oracle Database. For detailed solution mapping, check out this space.
EventLog Analyzer reports and alerts | Detection rules | Regulatory mandates | Requirements |
---|---|---|---|
| Repeated SQL injection attempts | GDPR | |
| | ISLP | |
| | NRC | |
| | COCO | 2. Authentication and Access Control |
| | NERC | |
| | CCPA and CPRA | Section 1798.150.(a) |
| | FERPA | Section 99.31 (a)(1)(ii) |
| | PDPA | |
| | NIST CSF | Data Security (PR.DS) |
| | POPIA | |
| | QCF | |
| | TISAX | 4.2.1 |
| | SAMA | |
| | PDPL | |
| | CJDN | Application Development |
| | UAE-NESA | T3.2.3, T7.6.1 |
| | LGPD | Art 14 |
| | GDPR | |
| | ISLP | |
| | NRC | |
| | CCPA and CPRA | Section 1798.150.(a) |
| | FERPA | Section 99.31 (a)(1)(ii) |
| | PDPA | |
| | NIST CSF | Data Security (PR.DS) |
| | POPIA | |
| | QCF | |
| | SAMA | |
| | PDPL | |
| | CJDN | Application Development |
| | UAE-NESA | T3.2.3, T7.6.1 |
| | LGPD | Art 14 |
| | GDPR | |
| | ISLP | |
| | NRC | |
| | CCPA and CPRA | Section 1798.150.(a) |
| | FERPA | Section 99.31 (a)(1)(ii) |
| | PDPA | |
| | NIST CSF | Data Security (PR.DS) |
| | POPIA | |
| | QCF | |
| | SAMA | |
| | PDPL | |
| | CJDN | Application Development |
| | UAE-NESA | T3.2.3, T7.6.1 |
| | LGPD | Art 14 |
| | GDPR | |
| | Cyber Essentials | User Access Control |
| | NERC | |
| | CCPA and CPRA | Section 1798.150.(a) |
| | FERPA | Section 99.31 (a)(1)(ii) |
| | CMMC | C013 - CM.2.061 |
| | POPIA | Chapter 3 - Section 19 (2) (a) |
| | QCF | |
| | TISAX | |
| | SAMA | |
| | UAE-NESA | |
| | LGPD | Art 14 |
| | CCPA and CPRA | Section 1798.150.(a) |
| | FERPA | Section 99.31 (a)(1)(ii) |
| | POPIA | Chapter 3 - Section 19 (2) (a) |
| | QCF | |
| | TISAX | 4.1.2 |
| | SAMA | |
| | CJDN | Application Development |
| | UAE-NESA | |
| | LGPD | Art 14 |