Nov 13: OOW Day 3 - The morning
I attended a couple of presentations this morning with specific work issues in mind.
The first by Tammy Bednar, the Audit Vault product manager, was about Audit Vault Best Practices. Audit Vault's something that could help address requirements that exist in most workplaces these days. The pressure is on more than ever to track specific database activities and, probably more important, be able to demonstrate to auditors that you're doing so. A bunch of scripts that DBAs run is both inefficient, expensive (in terms of the workload) and prone to failure. Better for the Security team in the company to have a tool that allows them to see a consistent view of audit trails across the entire Oracle estate, including information that would be tricky to extract using Log Miner. If your applications don't already have auditing in place, rolling it out to lots of disparate databases is a big undertaking. If cost and complexity can be reduced, managers are always going to pay attention.
I downloaded Audit Vault just before I travelled out here but haven't played around with it much yet. I was surprised how much of the presentation I knew already, just from web articles and the like, but it was good to see some figures for performance overhead (which is dependant on number of audit records per second) and suggested configurations. The configurations looked pretty low-end and the overhead isn't really overhead to me if the business require it.
She talked about the importance of applications populating CLIENT_IDENTIFIER and that some applications might need an associated login trigger to help with that. She also stated that support for SQL Server and DB2 should be coming along next year.
All in all, it wasn't a heavyweight technical presentation but I enjoyed it because it's something I'm interested in at the moment. If it works as advertised, I think it's going to be very useful. Put it this way, I know of people who write this stuff themselves and that seems like a big waste of time to me and the functionality ends up a fraction of what Audit Vault could do.
Next up was 'Storage Secrets for DBAs'. I heard one particularly negative comment from behind me as I was leaving and I'm not sure why. I think the title might not have helped and people were looking for a deep-dive into how storage works. Instead, it was a presentation about Oracle's EM storage plug-ins. Personally, I think these could prove a god-send to DBAs. By exposing more of what's going on in the storage subsystem, maybe we can work together with Storage Admins to solve problems. I'm an idealist
I liked the anecdote at the end. When the plug-ins were presented to Storage Admins at EMC, they were right behind them, because if DBAs could examine the storage information, they might realise it's *not* the storage that's to blame. Mmmmm ... I think I'll blog about that again soon.
Someone tried to find out about licences and costs at the end but in the fairly obtuse answer all I could hear myself thinking was 'tons of cash'.
OK, back to the conference. I'm going to try to get into Tom Kyte's last session this afternoon but I'm not registered for it, so have 11g Data Pump to fall back on. Then the boss from my current client site wants to meet up at 4:30. God, not more drinking! (It also means I'll miss Graham Wood ... damn)
The first by Tammy Bednar, the Audit Vault product manager, was about Audit Vault Best Practices. Audit Vault's something that could help address requirements that exist in most workplaces these days. The pressure is on more than ever to track specific database activities and, probably more important, be able to demonstrate to auditors that you're doing so. A bunch of scripts that DBAs run is both inefficient, expensive (in terms of the workload) and prone to failure. Better for the Security team in the company to have a tool that allows them to see a consistent view of audit trails across the entire Oracle estate, including information that would be tricky to extract using Log Miner. If your applications don't already have auditing in place, rolling it out to lots of disparate databases is a big undertaking. If cost and complexity can be reduced, managers are always going to pay attention.
I downloaded Audit Vault just before I travelled out here but haven't played around with it much yet. I was surprised how much of the presentation I knew already, just from web articles and the like, but it was good to see some figures for performance overhead (which is dependant on number of audit records per second) and suggested configurations. The configurations looked pretty low-end and the overhead isn't really overhead to me if the business require it.
She talked about the importance of applications populating CLIENT_IDENTIFIER and that some applications might need an associated login trigger to help with that. She also stated that support for SQL Server and DB2 should be coming along next year.
All in all, it wasn't a heavyweight technical presentation but I enjoyed it because it's something I'm interested in at the moment. If it works as advertised, I think it's going to be very useful. Put it this way, I know of people who write this stuff themselves and that seems like a big waste of time to me and the functionality ends up a fraction of what Audit Vault could do.
Next up was 'Storage Secrets for DBAs'. I heard one particularly negative comment from behind me as I was leaving and I'm not sure why. I think the title might not have helped and people were looking for a deep-dive into how storage works. Instead, it was a presentation about Oracle's EM storage plug-ins. Personally, I think these could prove a god-send to DBAs. By exposing more of what's going on in the storage subsystem, maybe we can work together with Storage Admins to solve problems. I'm an idealist
I liked the anecdote at the end. When the plug-ins were presented to Storage Admins at EMC, they were right behind them, because if DBAs could examine the storage information, they might realise it's *not* the storage that's to blame. Mmmmm ... I think I'll blog about that again soon.
Someone tried to find out about licences and costs at the end but in the fairly obtuse answer all I could hear myself thinking was 'tons of cash'.
OK, back to the conference. I'm going to try to get into Tom Kyte's last session this afternoon but I'm not registered for it, so have 11g Data Pump to fall back on. Then the boss from my current client site wants to meet up at 4:30. God, not more drinking! (It also means I'll miss Graham Wood ... damn)
Trackbacks
Trackback specific URI for this entry
No Trackbacks
