Skip to main content
m_abureesh
m_abureesh
New Member
June 14, 2020
Question

FortiSIEM and Oracle DB

  • June 14, 2020
  • 1 reply
  • 1061 views
Hello everyone,

Regarding oracle logging, FortiSIEM is collecting audit logs from the oracle audit trail extended mode but missing a field "sqltext" with datatype is CLOB from the audit table.

 How can we capture this field on FortiSIEM?

 

    1 reply

    FSM_FTNT
    Staff
    FSM_FTNT
    Staff
    June 18, 2020
    Hi Mohammed,

    Have you got an example of the table field content?

    What version of Oracle are you using?

    Thanks-------------------------------------------
    Original Message:
    Sent: Jun 14, 2020 03:20 AM
    From: Mohammed Abureesh
    Subject: FortiSIEM and Oracle DB

    Hello everyone,

    Regarding oracle logging, FortiSIEM is collecting audit logs from the oracle audit trail extended mode but missing a field "sqltext" with datatype is CLOB from the audit table.

     How can we capture this field on FortiSIEM?

     

    m_abureesh
    m_abureeshAuthor
    New Member
    June 18, 2020
    Hi Daniel,
    Thanks for your help and support.
    I contacted with TAC and informed me "There is an already Feature request for this situation:
    RFE 0519255 - Discovery | Perf Monitoring | Doc |
    JDBC SQL Monitoring - add an additional column to pull for user auditing on SQL

    I added this ticket to the RFE above to inform developers that is
    still an active request.
    As Technical Assistance Center, we are not involved on NFR, RFE and development Roadmaps.
    If you would like to be updated on the above request you need to contact your SE or regional sale channel ."-------------------------------------------
    Original Message:
    Sent: Jun 18, 2020 02:35 AM
    From: Daniel Hanman
    Subject: FortiSIEM and Oracle DB

    Hi Mohammed,

    Have you got an example of the table field content?

    What version of Oracle are you using?

    Thanks
    Original Message:
    Sent: Jun 14, 2020 03:20 AM
    From: Mohammed Abureesh
    Subject: FortiSIEM and Oracle DB

    Hello everyone,

    Regarding oracle logging, FortiSIEM is collecting audit logs from the oracle audit trail extended mode but missing a field "sqltext" with datatype is CLOB from the audit table.

     How can we capture this field on FortiSIEM?

     

    FSM_FTNT
    Staff
    FSM_FTNT
    Staff
    June 19, 2020
    Thanks Mohammed, I'll look into this.-------------------------------------------
    Original Message:
    Sent: Jun 18, 2020 11:32 AM
    From: Mohammed Abureesh
    Subject: FortiSIEM and Oracle DB

    Hi Daniel,
    Thanks for your help and support.
    I contacted with TAC and informed me "There is an already Feature request for this situation:
    RFE 0519255 - Discovery | Perf Monitoring | Doc |
    JDBC SQL Monitoring - add an additional column to pull for user auditing on SQL

    I added this ticket to the RFE above to inform developers that is
    still an active request.
    As Technical Assistance Center, we are not involved on NFR, RFE and development Roadmaps.
    If you would like to be updated on the above request you need to contact your SE or regional sale channel ."
    Original Message:
    Sent: Jun 18, 2020 02:35 AM
    From: Daniel Hanman
    Subject: FortiSIEM and Oracle DB

    Hi Mohammed,

    Have you got an example of the table field content?

    What version of Oracle are you using?

    Thanks
    Original Message:
    Sent: Jun 14, 2020 03:20 AM
    From: Mohammed Abureesh
    Subject: FortiSIEM and Oracle DB

    Hello everyone,

    Regarding oracle logging, FortiSIEM is collecting audit logs from the oracle audit trail extended mode but missing a field "sqltext" with datatype is CLOB from the audit table.

     How can we capture this field on FortiSIEM?

     

    Terms & ConditionsAccessibility statement