How do I collect from Oracle SQL databases ?
The Nanitor Oracle SQL benchmarks support Oracle versions 11g and 12c through the Nanitor Collector.
- You need to have a Nanitor Collector up and running. A single collector can collect from multiple network devices, servers and databases.
- You need to have the IP address of the Oracle SQL database and the collector needs to have network access to connect to the database.
- You need to have an Oracle user with the following privileges at minimum:
- CREATE SESSION
- Role SELECT_CATALOG_ROLE
- SELECT on SYS.DBA_USERS_WITH_DEFPWD
- SELECT on AUDIT_UNIFIED_POLICIES (12c only)
- SELECT on AUDIT_UNIFIED_ENABLED_POLICIES (12c only)
Example of creating an Oracle SQL User for benchmarking (with minimum privileges):
The following shows an example of creating a user with minimum privileges in Oracle SQL called nanitor_user with password mypass. For both 11g and 12c:
> create user nanitor_user identified by mypass; > grant create session to nanitor_user; > grant select_catalog_role to nanitor_user; > grant select on sys.dba_users_with_defpwd to nanitor_user;
In addition on 12c (not available on 11g):
> grant select on AUDIT_UNIFIED_POLICIES to nanitor_user; > grant select on AUDIT_UNIFIED_ENABLED_POLICIES to nanitor_user;
Specifying the credentials
The credentials are created as follows
$ sudo /usr/lib/nanitor-collector/bin/nanitor-collector-ctl credential_add --title oracle-nanitor1 --access_method database --username nanitor_user --password mypass<br>
Starting data collection
To go ahead and start collection from the Oracle database (here with IP address 184.108.40.206):
$ sudo /usr/lib/nanitor-collector/bin/nanitor-collector-ctl database_add --title oracle-db1 --database_type oracle --address 220.127.116.11 --credential_title oracle-nanitor1
In case it is required to specify the service name, it can be done through the --database flag. For example for service name XE:
$ sudo /usr/lib/nanitor-collector/bin/nanitor-collector-ctl database_add --title oracle-db1 --database_type oracle --address 18.104.22.168 --credential_title oracle-nanitor1 --database XE<br>
This can take a few seconds as it will complete authenticating and fully collecting the first results. Once completed, the results will be immediately available in the Nanitor UI. The collector will continue collecting results once every 24 hours.