SIEM & UEBA

Expand all | Collapse all

FortiSIEM and Oracle DB

  • 1.  FortiSIEM and Oracle DB

    Posted Jun 14, 2020 03:21 AM
    Hello everyone,

    Regarding oracle logging, FortiSIEM is collecting audit logs from the oracle audit trail extended mode but missing a field "sqltext" with datatype is CLOB from the audit table.

     How can we capture this field on FortiSIEM?

     



  • 2.  RE: FortiSIEM and Oracle DB

    GROUP ADMIN
    Posted Jun 18, 2020 02:36 AM
    Hi Mohammed,

    Have you got an example of the table field content?

    What version of Oracle are you using?

    Thanks


  • 3.  RE: FortiSIEM and Oracle DB

    Posted Jun 18, 2020 11:32 AM
    Hi Daniel,
    Thanks for your help and support.
    I contacted with TAC and informed me "There is an already Feature request for this situation:
    RFE 0519255 - Discovery | Perf Monitoring | Doc |
    JDBC SQL Monitoring - add an additional column to pull for user auditing on SQL

    I added this ticket to the RFE above to inform developers that is
    still an active request.
    As Technical Assistance Center, we are not involved on NFR, RFE and development Roadmaps.
    If you would like to be updated on the above request you need to contact your SE or regional sale channel ."


  • 4.  RE: FortiSIEM and Oracle DB

    GROUP ADMIN
    Posted Jun 19, 2020 05:09 AM
    Thanks Mohammed, I'll look into this.