Skip to content

Oracle Database collector requirements

As with all other assets that leverage the collector a user account with the right permission is required for successful collection. If the user does not have the right permission the collection will fail and benchmark calculations can not be completed.

If you get the following error in the collector debug screen you know you have a permission issue:

Failed to run scap checkin benchmark: ORA-00942: table or view does not exist

Steps to set up a new account correctly:

  1. Connect to the sysdba.
sh-4.2$ sqlplus /nolog

SQL*Plus: Release 19.0.0.0.0 - Production on Fri Jan 13 22:28:44 2023
Version 19.3.0.0.0

Copyright (c) 1982, 2019, Oracle.  All rights reserved.

SQL> connect sys/password@orcl as sysdba
Connected.
  1. Create a new user for the benchmark
-- If user is already created a user then give required privilges 
-- in the next step to the user.

SQL> CREATE USER NANITOR_USER IDENTIFIED BY SomeGoodStrongPassword;

User created.
  1. Grant privileges to that user
SQL> GRANT CREATE SESSION TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON AUDIT_UNIFIED_POLICIES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON AUDIT_UNIFIED_ENABLED_POLICIES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_USERS_WITH_DEFPWD TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON V_$DATABASE TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON V_$PDBS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_ROLE_PRIVS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_PROXIES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_ROLE_PRIVS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_PROXIES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_USERS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_ROLES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_USERS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_ROLES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_SYS_PRIVS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_SYS_PRIVS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_DB_LINKS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_DB_LINKS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_TABLES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_TABLES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_STMT_AUDIT_OPTS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_STMT_AUDIT_OPTS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON V_$SYSTEM_PARAMETER TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_OBJ_AUDIT_OPTS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_TAB_PRIVS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_TAB_PRIVS TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON CDB_PROFILES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_PROFILES TO NANITOR_USER;

Grant succeeded.

SQL> GRANT SELECT ON DBA_USERS_WITH_DEFPWD TO NANITOR_USER;

Grant succeeded. 

SQL > CREATE VIEW SYS.X_$KSPPI AS SELECT * FROM SYS.X$KSPPI;

View created.

SQL > CREATE VIEW SYS.X_$KSPPCV AS SELECT * FROM SYS.X$KSPPCV;

View created.

SQL > GRANT SELECT ON SYS.X_$KSPPI to NANITOR_USER;

Grant succeeded.

SQL > GRANT SELECT ON SYS.X_$KSPPCV to NANITOR_USER;

Grant succeeded.
  1. Use the new user created in the collector for the database asset.