Oracle DB Audit

by David Schwalenberg
November 13, 2013

This dashboard displays the results from an audit check of Oracle database servers. 

The Oracle Database Server asset list is used to identify all Oracle database servers on the network; this asset list is available in the SecurityCenter app store feed. The audit checks are contained in audit files that can be downloaded from the Tenable Customer Support Portal. Any Oracle database servers audited by performing Nessus scans with these policies can be used to populate this dashboard; both the Oracle database and the server OS (Windows, Linux, or Unix) should be audited because the security of the server depends on minimizing the vulnerabilities of both.

The dashboard displays the audit results and summarizes them by severity, by server, and by vulnerability area. In the dashboard, green indicates passed audit checks, red indicates failed audit checks, and orange indicates audit checks that could not be performed automatically and need to be verified manually.

The dashboard and its components are available in the SecurityCenter 4.7 Dashboard app feed, an app store of dashboards, reports, and assets.

The dashboard requirements are:

  • SecurityCenter 4.7
  • Nessus 5.2.1
  • Oracle Database Server asset
  • Oracle database compliance audit files

Listed below are the included components:

Oracle DB Audit - Results by Severity
This component displays a pie chart of audit results grouped by severity. Informational severity indicates passed audit checks, High severity indicates failed audit checks, and Medium severity indicates audit checks that could not be performed automatically and need to be verified manually.

Oracle DB Audit - Results in Select Vulnerability Areas
This component displays counts of the audit results that passed, that failed, and that require manual verification within each of the specified vulnerability areas. The grouping is done by aggregating results from all the plugins that contain a specified text string within their names. For example, results from all plugins with “access” in their names are aggregated to obtain the total count of access vulnerabilities.

Oracle DB Audit - Non-Passing Results in Select Vulnerability Areas
This component displays counts of the audit results that did not pass (failed or require manual verification) within each of the specified vulnerability areas. For each count, a bar graph showing the percentage of the total non-passing results is given. The grouping is done by aggregating results from all the plugins that contain a specified text string within their names. For example, results from all plugins with “access” in their names are aggregated to obtain the total count of access vulnerabilities.

Oracle DB Audit - Results by Server
This component displays audit results grouped by database server.

Oracle DB Audit - Results Summary
This component displays all audit results that are either pass (Informational severity) or fail (High severity). Failed results are given first. Results that require manual verification are not included.

Oracle DB Audit - Results Requiring Manual Verification
This component displays all audit checks that could not be performed automatically and need to be verified manually (Medium severity).