Feed aggregator

January 2015 Critical Patch Update Released

Oracle Security Team - Tue, 2015-01-20 14:55

Hi, this is Eric Maurice.

Oracle today released the January 2015 Critical Patch Update. This Critical Patch Update provides 169 new fixes for security issues across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Enterprise Manager, Oracle E-Business Suite, Oracle Supply Chain Suite, Oracle PeopleSoft Enterprise, Oracle JDEdwards EnterpriseOne, Oracle Siebel CRM, Oracle iLearning, Oracle Java SE, Oracle Sun Systems Products Suite, Oracle Linux and Virtualization, and Oracle MySQL.

Out of these 169 vulnerabilities, 8 are for the Oracle Database. None of these database vulnerabilities are remotely exploitable without authentication, but a number of these vulnerabilities are relatively severe. The most severe of these database vulnerabilities (CVE-2014-6567) has received a CVSS Base Score of 9.0 to denote that a full compromise of the targeted server is possible on the Windows platform (for versions prior to Database 12c) but requires authentication (The CVSS Base Score for platforms other than Windows and for Database 12C on Windows is 6.5).

One database vulnerability (CVE-2014-6577) received a CVSS Base Score of 6.8. If successfully exploited, vulnerability CVE-2014-6577 can result in a complete confidentiality compromise of the targeted systems on database versions prior to 12c on the Windows platform. The CVSS Base Score for CVE-2014-6577 is 6.5 (the reported confidentiality impact value is "Partial+") for Database 12c on Windows and for all versions of the Database on Linux, Unix and other platforms.

Two database vulnerabilities received a CVSS Base Score of 6.5 (CVE-2014-0373 and CVE-2014-6578). The CVSS Base score of 6.5 for these vulnerabilities along with the Partial+ ratings indicate that a successful compromise of the vulnerabilities could result in a possible compromise of the entire database, but authenticating to the targeted system is required.

Because of the severity of these issues, Oracle highly recommends that this Critical Patch Update be applied against affected systems as soon as possible. As a reminder, the security risk matrices listed on the Critical Patch Update advisory lists the affected versions, and the accompanying patch availability document provides information about how to obtain the appropriate patches.

Note that, as discussed in a previous blog entry by Darius Wiles, the CVSS Special Interest Group has recently published a preview of the upcoming CVSS version 3.0 standard. A major improvement planned for this updated version of CVSS is the addition of a Scope metric that will provide a more generic way to indicate if the impact of a vulnerability extends beyond the component that contains the vulnerability. As a result, this new ‘Scope’ metric will eliminate the need for Oracle to use a Partial+ custom score.

This Critical Patch Update provides 36 new fixes for Oracle Fusion Middleware products. The most severe of these Fusion Middleware vulnerabilities has received a CVSS Base Score of 9.3. Two of the Oracle Fusion Middleware vulnerabilities fixed in this Critical Patch Update can result in a server takeover (CVE-2011-1944 and CVE-2014-0224).

This Critical Patch Update provides a number of security fixes for Oracle Applications, including 10 new fixes for Oracle E-Business Suite, 6 for Oracle Supply Chain Suite, 7 for Oracle PeopleSoft Enterprise, one for Oracle JDEdwards EnterpriseOne, 17 for Oracle Siebel CRM, and 2 for Oracle iLearning. Oracle Applications customers should apply these fixes as soon as possible, as well as apply other relevant fixes in the Oracle stack as prescribed in the Critical Patch Update Advisory and associated documentations. It is also very important that application customers remain on actively support versions from Oracle so that they can benefit from Oracle’s ongoing security assurance effort, and continue to get security fixes which are thoroughly tested across the Oracle stack. Customers who have these applications hosted on their behalf should ensure that their service providers apply these patches in a timely fashion upon successful testing.

This Critical Patch Update also provides 29 new security fixes for the Oracle Sun Systems Products Suite. The highest CVSS Base Score reported for these vulnerabilities is 10.0. This vulnerability (CVE-2013-4784) affects XCP Firmware versions prior to XCP 2232. Note that per Oracle’s Lifetime Systems Support Policy; Oracle will no longer systematically assess new security vulnerabilities against Solaris 8 and Solaris 9.

This Critical Patch Update delivers 19 new security fixes for Oracle Java SE. The most severe of these vulnerabilities received a CVSS Base Score of 10.0. This score is reported for 4 distinct Java SE client-only vulnerabilities (CVE-2014-6601; CVE-2015-0412; CVE-2014-6549; and CVE-2015-0408). Out of these 19 vulnerabilities, 15 affect client-only installations, 2 affect client and server installations, and 2 affect JSSE installations. This relatively low historical number for Oracle Java SE fixes reflect the results of Oracle’s strategy for addressing security bugs affecting Java clients and improving security development practices in the Java development organization.

It is very important to note that, with this Critical Patch Update, Oracle will change the behavior of Java SE in regards to SSL. This Critical Patch Update will disable by default the use of SSL version 3.0. SSL v3.0 is widely regarded as an obsolete protocol, and this situation is aggravated by the POODLE vulnerability (CVE-2014-3566). As a result, this protocol is being widely targeted by malicious hackers.

Organizations should disable the use of all versions of SSL as they can no longer rely on SSL to ensure secure communications between systems.

Customers should update their custom code to switch to a more resilient protocol (e.g., TLS 1.2). They should also expect that all versions of SSL be disabled in all Oracle software moving forward. A manual configuration change can allow Java SE clients and server endpoints, which have been updated with this Critical Patch Update, to continue to temporarily use SSL v3.0. However, Oracle strongly recommends organizations to phase out their use of SSL v3.0 as soon as possible.

For More Information:

The Critical Patch Update Advisory is located at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

See Darius Wiles’ blog entry about upcoming changes to the CVSS Standard at https://blogs.oracle.com/security/entry/cvss_version_3_0_preview

Big Data and the importance of Meta-Data

Steve Jones - Tue, 2015-01-20 09:00
Data isn't really respected in businesses, you can see that because unlike other corporate assets there is rarely a decent corporate catalog that shows what exists and who has it.  In the vast majority of companies there is more effort and automation put into tracking laptops than there is into cataloging and curating information. Historically we've sort of been able to get away with this
Categories: Fusion Middleware

I Have Lots Of Oracle Database Server Power But Performance Is Slow/Bad

This page has been permanently moved. Please CLICK HERE to be redirected.

Thanks, Craig.I Have Lots Of Oracle Database Server Power But Performance Is Slow/Bad

Oracle Database parallelism and serialization is what we as Oracle Database Administrators live and die for. You have a screaming fast Oracle Database system and there is lots of computing power available.

But performance is unacceptable; users are screaming, the phone is ringing, and those fancy dashboards are flashing like it's Christmastime.

What is going on?! What can I do about it?! That's what this post is about.

Learn By Doing

Back in December on the third day of my Oracle Performance Firefighting class, I had each student bring in an AWR report from one of their systems that was giving them problems. (I keep my classes small, giving each student time to do their analysis and time for us to talk about it as a class.)
Get this:
Half of the systems had a similar "problem." I think it's important every DBA understands this "problem" because it's more common than most people believe.

There was plenty of computing power and the key SQL statement they cared about was a batch job. What was the core problem? The quick answer is "serialization" that is, a lack of parallelism. Exploring this using a very large production system AWR report and coming up with solutions is what this posting is all about.

Serialization Is Death

In Oracle systems, serialization is death and parallelism is life. Follow this line: business, end user, application designer, DBA, Oracle Database Kernel Architects (or whatever their title is), OS Administrators, OS designers, CPU designers and IO subsystem designers all have something in common. They work hard to parallelize tasks. Just one example: Oracle is designed to have multiple background and foreground processes running parallel.

But all this parallelization effort can be wasted and minimized if a process turns into a serial work stream (at any level; Oracle, OS, business, etc.). The result is "slowness" because the wall time increases.

Available Power And Slowness Equals Opportunity

When I tune Oracle Database systems, I look for opportunities. And each of my solutions will specifically target an opportunity. When I see unused power and complaints of slowness, I look for ways to increase parallelism. Why? Because having available power combined with slowness likely means a serialization limitation exists.

For sure serialization may be necessary. Two examples come to mind; Oracle database memory serialization control (think: latch and mutex) and business rules.

But if I can find a way to increase performance by using up available power by increasing parallelism, I'll likely be able to turn a slow serialization situation into a screaming fast parallelization situation!

How To Recognize A Serially Constrained System

It's easy to recognize a serially constrained system. Ask yourself these two questions. First, is there available CPU or IO power? Second, are there complaints of application "slowness." If the answer to both of these questions is "Yes" then there is likely a serialization issue. Furthermore, the general solution is to use the available resources to our advantage. That is, find areas to increase parallelization, which will use the available resources and improve performance.

If you have the power, use it! What are you saving it for?

(There may be a very good answer to the "saving" but I'll save that for another article.)

Can I Be Out Of CPU And Be Serially Constrained?
Yes. An Oracle Database system can be serially constrained and be out of OS resources. A great example of this is when there is a raging Oracle memory serialization issue. If you see both significant Oracle latching or mutex wait time combined with a raging CPU bottleneck, you likely have a serialization issue... an Oracle Database memory structure access serialization issue.

So, while available power on a "slow" system likely means we have a serially constrained system there are situations in Oracle with a raging CPU bottleneck that also means there is likely a serialization issue.

Find Out: Is There Available CPU Power?

Here Is A Real Life Situation. To simplify, I'm going to focus on only instance number one. Look at instance number one in the below picture.

The above AWR report snippet shows RAC node #1 OS CPU utilization at 15%. This means that over the AWR report snapshot interval, the average CPU utilization was 15%. I never initially trust an AWR report for calculated results. Plus it's good practice to do the math yourself. If you use the super fast busy-idle method I have outlined in THIS POST and detailed in my online seminar, Utilization On Steroids, the utilization calculates to 16% ( 0.5/(0.5+2.7)=0.16 ). So the AWR Report's 15% for CPU "% Busy" looks to be correct.

Clearly with an average CPU utilization of 15%, we have an opportunity to use the unused CPU power to our advantage.

Find Out: Is There Available IO Power?

I am looking for fast IO responsiveness. That is, a low response time. A great way to get a quick view of IO subsystem responsiveness is to look at the average wait time for the event, db file sequential read.

The wait event, db file sequential read is the time it takes to read a single block synchronously. I like to call it a pure IO read call: a) what time is it? b) make the IO call and wait until you get it, c) what time is it? d) calculate the delta and you have the wait time...and the IO read call response time! If you want more details, I wrote about this HERE, which includes a short video.

For our system, let's figure out the single block IO subsystem read response time. Using the same AWR report, here is a screen shot of the Top Time Events.

Again, I'm just going to focus on the first instance. If you look closely (middle right area), you'll see for instance number one, the average db file sequential read time wait time is 2.22ms. That's fast!

There is no way a physical spinning disk is going to return a block in 2.22ms. This means that many of Oracle's single block read calls are be satisfied through some non-Oracle cache. Perhaps an OS cache or an IO subsystem cache. We can't tell, but we do know the block was NOT an Oracle's buffer cache because the db file sequential wait means the block was not found in Oracle's buffer cache.

A single block synchronous IO read call with an average of 2.22ms means there is available IO read capacity and probably available write capacity as well. Again, just like with the OS CPU subsystem, we have unused power that we will try and use to our advantage.

At this point, I will assume there is also plenty of memory and network capacity available. So, the bottom line is we have a "slow" system combined with available CPU and available IO power. Wow! That is a great situation to be in. I call this, "low hanging fruit."

Real Life: Looking For The "Slow" SQL

At the top of this post, I mentioned that in my Firefighting class in each of the "serialization" cases, there was a key SQL statement that was part of a larger batch process. Keep in mind, that at this point in the analysis I did NOT know this. All I knew was that users were complaining and there was plenty of CPU and IO resources.

Usually, in this situation there is a relatively long running process. There could be lots of quick SQL statement involved, but usually this is not the case. And I'm hoping there is a key long running SQL statement that can be parallelized.

Long running can roughly be translated into "high elapsed time." I've have written a number of articles about elapsed time (search my blog for: elapsed time) and even have a free tool with which, you can gather to get more than simply the average elapsed time. And I have online seminars that touch on this subject: Tuning Oracle Using An AWR Report and also, Using Skewed Performance Data To Your Advantage. So there are lots of useful resources on this topic.

In the AWR report, I'm going to look closely at the SQL Statistics, in particular the "SQL ordered by Elapsed Time (Global)." What I really want is the statistics only for instance one, that is, not global. But that's all I have available. Plus the DBAs will/should know if the key SQL statement(s) are run on instance one. Here's the report.

In the report above, look at the elapsed times (second column on the left). Now looking right, find the "Execs", that is, the executions column. The execution column is the number of completed executions within this AWR snapshot range. If the executions is zero, this means the SQL did not complete during the snapshot interval, that is before the ending snapshot.

If you're wondering, these top elapsed time SQL statements are involved in batch processing. When I look at this, I see opportunity, fruit waiting to be harvested!

And I love this: Every DBA in the class in this situation said, "Oh! I know about this SQL. It's always causing problems." Now it's time to do something about it!

Real Life: Putting This All Together

We have identified available CPU and IO capacity. And we have identified THE elapsed time SQL statement. While I'm a pretty laid back kind of guy, at this point I start to apply some pressure. Why? Because the users are complaining, we have identified both an opportunity, the cause of the problem and the general solutions.

There are two general solutions:

1. Do less work. You want to empty a candy dish faster? Then start with less candy in the dish! If you want a SQL statement to run faster, tune the SQL so it touches less blocks.

2. Do the same amount of work, but group the work and run each group at the same time. This is parallelization! This is why the total elapsed time will not decrease (it will probably increase a little) but the wall time will likely decrease... and dramatically! Here is a LINK to posting that contains a short video demonstrating the difference between elapsed time and wall time.

How To Parallelize (in summary)

There are many different ways to parallelize. But the goal is the same: use the available resources to reduce wall time (not necessarily the elapsed time). Perhaps the application can be redesigned to run in parallel streams. But that can take a very long time and be a real hassle. But in many cases, it's the best long term solution.

If you are short on time, are licensed for Oracle Parallel Query and the SQL has been optimized (oh boy... how many times have all heard that before), you likely can use Oracle PQ. And of course, even if the SQL is not optimized, you can still run PQ and performance may be fantastic.

By the way, adding faster IO disks or more IO disks (what is a "disk" is nowadays anyways) will likely NOT work. Remember the IO subsystem is performing wonderfully.

Thanks for reading and enjoy the mystery of your work!

Categories: DBA Blogs

Log Buffer #406, A Carnival of the Vanities for DBAs

Pakistan's First Oracle Blog - Mon, 2015-01-19 01:38
This Log Buffer Edition covers blog posts from various bloggers of Oracle, SQL Server and MySQL.


Sync tables: generate MERGE using Unique constraint.
What Hardware and Software Do YOU Want Oracle to Build?
There were a number of new features introduced in Ops Center 12.2.2. One of the shiny ones is an expansion of the backup and recovery capabilities to include Proxy Controllers.
Want to Be a Better Leader? Answer One Question.
Managing a remote Oracle Database instance with “Geographic Edition”.

SQL Server:

Learn how you can use SQLCop to prevent your developers from writing stored procedures that are named sp_ something.
Data Cleaning in SQL 2012 with Data Quality Services.
Stairway to PowerPivot and DAX - Level 9: Function / Iterator Function Pairs: The DAX MAX() and MAXX() Functions.
Options to Improve SQL Server Bulk Load Performance.
Dynamically Create Tables Based on an Access Table


Stored Procedures: critiques and defences.
JSON UDF functions 0.3.3 have been released.
Business Scalability, Operational Efficiency and Competitive Edge with MariaDB MaxScale 1.0 GA.
MySQL 5.7 labs and the HTTP Plugin – inserting, updating and deleting records in MySQL via HTTP.
Hyper-threading – how does it double CPU throughput?

Published on Pythian Blog
Categories: DBA Blogs

ERROR: The following required ports are in use: 6801 : WLS OAEA Application Port

Vikram Das - Fri, 2015-01-16 13:55
Anil pinged me today when his adop phase=fs_clone failed with this error message:

ERROR: The following required ports are in use:
6801 : WLS OAEA Application Port
Corrective Action: Free the listed ports and retry the adop operation.

Completed execution : ADOPValidations.java

Inside _validateETCHosts()...

This is a bug mentioned in the appendix of article: 
Integrating Oracle E-Business Suite Release 12.2 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate (Doc ID 1576425.1)
The following errors are encountered when running fs_clone after completing AccessGate and OAM integration and after completing a patch cycle:

Checking  WLS OAEA Application Port on aolesc11:  Port Value = 6801
RC-50204: Error: - WLS OAEA Application Port in use: Port Value = 6801

ERROR: The following required ports are in use:
6801 : WLS OAEA Application Port
Corrective Action: Free the listed ports and retry the adop operation.

Stop the oaea managed server on the run file system before performing the fs_clone operation, immediately after the accessgate deployment.

This issue will be addressed through Bug 19817016.

If you read the bug:

Bug 19817016 : RUNNING ADOP FS_CLONE FAILS DUE TO PORT CONFLICT BETWEEN RUN AND PATCH EDITIONClick to add to FavoritesEmail link to this documentPrintable PageTo BottomTo Bottom
Bug Attributes
TypeB - DefectFixed in Product VersionSeverity2 - Severe Loss of ServiceProduct Version12.2.4Status11 - Code/Hardware Bug (Response/Resolution)Platform226 - Linux x86-64Created14-Oct-2014Platform VersionORACLE LINUX 5Updated02-Dec-2014Base BugN/ADatabase Version11.2.0.3Affects PlatformsGenericProduct SourceOracleKnowledge, Patches and Bugs related to this bug
Related Products
LineOracle E-Business SuiteFamilyApplications TechnologyAreaTechnology ComponentsProduct1745 - Oracle Applications Technology Stack
Hdr: 19817016 FSOP 12.2.4 PRODID-1745 PORTID-226

*** 10/14/14 11:58 am ***
Service Request (SR) Number:

Problem Statement:
Running fs_clone after completing EBS and OAM integration and after
completing a patch cycle results in fs_clone failing with the following

Checking  WLS OAEA Application Port on aolesc11:  Port Value = 6801
RC-50204: Error: - WLS OAEA Application Port in use: Port Value = 6801

ERROR: The following required ports are in use:
6801 : WLS OAEA Application Port
Corrective Action: Free the listed ports and retry the adop operation.

Detailed Results of Problem Analysis:
The problem is due to the newly added managed server port being the same for
both the run and patch edition.  Going back to the sequence of steps and
tracking the port assignment, it showed the following:

- deploy accessgate on patch
Creates managed server - oaea_server1:6801
This is the default port and doing this to the patch edition...

fs2 - run -> 6801 port
fs1 - patch -> 6801 port

- complete OAM registration
- close patching cycle
- cutover
- after cutover, SSO is working

fs1 - run -> 6801 port
fs2 - patch -> 6801 port

- fs_clone -> fails due to both run(fs1) and patch(fs2) referencing the same
port 6801

Configuration and Version Details:
WG -
EAG - 1.2.3
WT -

EBS 12.2.4 w/ AD/TXK delta 5

Steps To Reproduce:
As part of the EBS integration w/ OAM, we add a managed server for use as the
EBS AccessGate (EAG) to the existing WLS in EBS.  There is an option to do
this to both run edition, as well as the patch edition during an active patch
cycle.  In this case the latter was done.  Here is a summary of the steps

1. Start patch cycle
2. Integrated OID and EBS
3. Cutover
4. Confirmed OID provisioning is working
5. Start patch cycle
6. Apply pre-req EBS patches for OAM
7. Proceed w/ OAM integration on patch file system
8. Cutover
9. Confirmed SSO/OAM is working
10. Run fs_clone -> this is where the issue appears

Additional Information:
The workaround here is to stop the oaea_server1 managed server operating in
the run edition on port 6801, and then re-running fs_clone.  Once this is
done, fs_clone completes and the patch edition now operates on port 6802 for
the same managed server.

For A Severity 1 Bug: Justification and 24x7 Contact Details:

*** 10/14/14 01:19 pm ***
*** 10/16/14 07:05 am ***
*** 10/16/14 07:05 am ***
*** 10/17/14 01:47 am ***
*** 10/17/14 01:49 am ***
*** 10/17/14 01:57 am ***
*** 10/17/14 08:47 am ***
*** 10/23/14 12:16 am ***
*** 10/23/14 12:17 am ***
*** 10/26/14 10:07 pm ***
*** 10/27/14 10:06 pm ***
*** 10/27/14 10:09 pm ***
*** 10/30/14 10:40 pm ***
*** 10/30/14 10:49 pm ***
*** 10/30/14 10:49 pm ***
*** 11/05/14 04:30 pm ***
*** 11/05/14 04:30 pm ***
*** 11/06/14 10:59 am ***
*** 11/17/14 09:20 pm ***
*** 12/02/14 12:36 am ***
*** 12/02/14 07:26 pm ***

Till a patch is made available, you need to shutdown the oaea managed server and restart fs_clone. So much for keeping all services online and the promise of no outage during fs_clone.

Categories: APPS Blogs

Oracle Audit Vault and Compliance Reporting

The Oracle Audit Vault has seeded reports for the following compliance and legislative requirements – no additional license is required.

  • Payment Card Industry (PCI)
  • Sarbanes-Oxley Act (SOX)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • United Kingdom Data Protection Act (DPA)

For each compliance statue, following table lists the included reports available –

Compliance Report


Activity Overview

Digest of all captured audit events for a specified period of time

All Activity

Details of all captured audit events for a specified period of time

Audit Settings Changes

Details of observed user activity targeting audit settings for a specified period of time

Created Stored Procedures

Stored procedures created within a specified period of time

Data Access

Details of audited read access to data for a specified period of time

Data Modification

Details of audited data modifications for a specified period of time

Database Schema Changes

Details of audited DDL activity for a specified period of time

Deleted Stored Procedures

Stored procedures deleted within a specified period of time

Entitlements Changes

Details of audited entitlement related activity for a specified period of time

Failed Logins

Details of audited failed user logins for a specified period of time

New Stored Procedures

Latest state of stored procedures created within a specified period of time

Secured Target Startup and Shutdown

Details of observed startup and shutdown events for a specified period of time

Stored Procedure Activity Overview

Digest of all audited operations on stored procedures for a specified period of time

Stored Procedure Modification History

Details of audited stored procedure modifications for a specified period of time

User Login and Logout

Details of audited successful user logins and logouts for a specified period of time

If you have questions, please contact us at mailto:info@integrigy.com

Auditing, Compliance, Sarbanes-Oxley (SOX), PCI, HIPAA, Oracle Audit Vault
Categories: APPS Blogs, Security Blogs

OAUG BIP SIG ... we're getting the band back together

Tim Dexter - Thu, 2015-01-15 14:28

 Today's post comes to you from Brent at STR Software. If you could help out, it would be greatly appreciated, read on ...

First off, if you are not familiar with the term SIG, it stands for Special Interest Group.OAUG facilitates a number of SIGs to bring users together that share common or industries concerning certain Oracle products.

Unfortunately, the BI Publisher SIG has been offline for a number of years and has not been given the attention it needs to be a useful resource for members of OAUG. Well... I'm getting the band back together and I need your help!

The SIG itself was formed to specifically focus on BI Publisher embedded in Oracle EBS, Peoplesoft and JD Edwards. I have put together a survey that is being emailed out to previous members of the SIG to get thoughts on how the SIG can be of service. That list is pretty old and YOU may not be on it, so if you are interested in participating in the SIG (or even if you are not), have a look at the link below and let me know your thoughts. Our first official meeting will be at Collaborate 15 in Las Vegas, hope to see you there!

Take the survey ->here!

Categories: BI & Warehousing

OAUG BIP SIG ... we're getting the band back together

Tim Dexter - Thu, 2015-01-15 14:28

 Today's post comes to you from Brent at STR Software. If you could help out, it would be greatly appreciated, read on ...

First off, if you are not familiar with the term SIG, it stands for Special Interest Group. OAUG facilitates a number of SIGs to bring users together that share common or industries concerning certain Oracle products.

Unfortunately, the BI Publisher SIG has been offline for a number of years and has not been given the attention it needs to be a useful resource for members of OAUG. Well... I'm getting the band back together and I need your help!

The SIG itself was formed to specifically focus on BI Publisher embedded in Oracle EBS, Peoplesoft and JD Edwards. I have put together a survey that is being emailed out to previous members of the SIG to get thoughts on how the SIG can be of service. That list is pretty old and YOU may not be on it, so if you are interested in participating in the SIG (or even if you are not), have a look at the link below and let me know your thoughts. Our first official meeting will be at Collaborate 15 in Las Vegas, hope to see you there!

Take the survey -> here!

Categories: BI & Warehousing

Security Big Data - Part 7 - a summary

Steve Jones - Thu, 2015-01-15 09:00
Over six parts I've gone through a bit of a journey on what Big Data Security is all about. Securing Big Data is about layers Use the power of Big Data to secure Big Data How maths and machine learning helps Why its how you alert that matters Why Information Security is part of Information Governance Classifying Risk and the importance of Meta-Data The fundamental point here is that
Categories: Fusion Middleware

Junk Viz - When More is Less

Abhinav Agarwal - Thu, 2015-01-15 04:41
There are examples of junk visualizations, and then there are examples of junk charts that just take your breath away.

The Indian news portal, FirstPost.in, which describes itself as a "trusted guide to the crush of news and ideas around you", published a story titled Shivraj set for massive victory in Madhya Pradesh: Survey | Firstpost, which has this chart (link to the image) - take a minute to study it. Then study it again. It is no optical illusion or card-trick being played here.

The estimated voteshare of the INC (Indian National Congress) party goes up from 37.6 to 44%, and yet the bar goes DOWN! Ditto for the BJP, whose vote share goes up from 32.4% in 2008 to an estimated 33%, and yet the bar goes DOWN!
If you started to think that the bars had somehow been switched, the third group - BSP - is drawn correctly.
And then you have the "OTHERS" - which plots an estimated vote share of 16% at where the 14% mark would fall.

The maker of this chart should be congratulated for getting so many things wrong in one simple bar chart.

(Thanks to Kumar for first sharing this chart with me.)

BI Mobile HD Universal App Released

Abhinav Agarwal - Thu, 2015-01-15 04:41
A new version ( of the Oracle BI Mobile HD App was released to the Apple iTunes App Store on Wednesday. This release has several new features of note. This updated version also fixes some issues that were reported in the update that went out late last week on the 28th of June.

  • All users are recommended to upgrade to this version of the BI Mobile HD app. There were login issues with the iPad version of the earlier app and orientation issues with the iPhone app. Both issues were noticed almost immediately after the app went live on the App Store and development traced these to a problem with the configuration of the app uploaded to the App Store. 
  • Users will notice that this is app now supports the iPhone (and iPod) device also. Therefore users will see this app on their iPhone when they search for it on the App Store. 
  • There is now a demo server available for use with the BI Mobile HD app. This is available on both the smartphone and tablet versions of the app. This server is available on the Internet, so customers do not need to use any proxy or VPN settings to access this server. A connection to the demo server is pre-configured on the BI Mobile HD app, so you can access the server immediately after installing the app on your device. 
  • This version of the app is supported and certified for use with Oracle BI versions (released in July 2012) or higher, including (April 2013) and 
  • If you are using Oracle BI version (or any of the bundle patches for, you must continue to use the existing Oracle BI Mobile app (the latest version if on your iPhone and iPod devices. We do not expect to support Oracle BI versions prior to on the new BI Mobile HD app. 
  • There is a redesigned home page experience on the iPad version of the BI Mobile HD app. 
  • Users can now set their default starting configuration on the iPad version of the app – whether they want to begin with the “Favorites” or "Most Recent" or "Dashboards – from the Settings panel. 
  • A "first-time help" overlay screen is displayed when you launch the app for the first time after installing it. If you need to get back to this screen subsequently, you can do so by selecting the "Show First Time Help" option from the Catalog page. 
  • The iPad version of the app contains a Settings "backstage", an area for you to customize the app and to manage server connection settings. 
  • The minimum iOS version supported on the BI Mobile HD app is iOS 6 and above.

Best wishes!
Bangalore, July 4, 2013

Lying with Charts - Global Warming Graph

Abhinav Agarwal - Thu, 2015-01-15 04:41
Global warming is a serious yet controversial enough topic without bringing in bad data visualizations practices into it. The Wonkblog on the Washington Post has an article titled, "You can’t deny global warming after seeing this graph". The post reproduces a chart prepared by the World Meteorological Association that plots global temperatures by decade. While the data shows that the last decade, 2001-2010, was the hottest on record, the graph uses a broken Y-axis that begins at 13.4°C instead of starting at zero. The chart does not hide this fact, and you can see that the chart's Y-axis starts at 13.4°C, but the most visually prominent piece in the graph is, well, the graph! And it screams the message that global temperatures are going off the charts - it's time to panic. There is no denying that we as a world need to get serious about investing in alternative and renewable sources of energy like solar, wind, and even nuclear, but this graph is just plain bad.

The data: (from the web page):
Decade    Global temperate in °C
1881-1890 13.68 
1891-1900 13.67
1901-1910 13.59
1911-1920 13.64
1921-1930 13.76
1931-1940 13.89
1941-1950 13.95
1951-1960 13.92
1961-1970 13.93
1971-1980 13.95
1981-1990 14.12
1991-2000 14.26
2001-2010 14.47

How the data appears in a bar graph if plotted with the Y-axis starting at 13.4:

How the data appears in a bar graph if plotted with the Y-axis starting at 0.

For time-series data I think the line graph is much better suited as a data visualization. The same data if plotted as a line graph:
First, with the Y-axis starting at 13.4:

And now with a normal, unbroken Y axis that starts at zero:

When you resort to such gimmickry to buttress your point, it not only hurts your credibility but also harms the cause.

Update: what if we decide to plot the inter-decade differences in temperatures as a percentage difference? Would that make a difference? Perhaps, but here again, the choice of scale you use makes a huge difference in perception.

Using a scale to maximize differences.

Using a scale that ranges from -10% to +10%

Using a scale that ranges from -100% to +100%:

Update: in response to my tweet, Kaiser Fung kindly critiqued my post here.

OBIEE Bundle Patch Now Available

Abhinav Agarwal - Thu, 2015-01-15 04:41
A new bundle patch for Oracle Business Intelligence became available last week. This is OBIEE Bundle Patch, and is available on the following platforms:
  • HP-UX  Itanium
  • IBM AIX on POWER Systems (64-bit)
  • Linux x86
  • Linux x86-64
  • Microsoft Windows (32-bit)
  • Microsoft Windows (64-bit)
  • Oracle Solaris on x86-64 (64-bit)
It is applicable to all customers running OBIEE versions and

Patch 17530796 - OBIEE BUNDLE PATCH (Patch) is comprised of the following patches, which are not available separately:
  1. Patch 16913445 - Patch (1 of 8) Oracle Business Intelligence Installer (BIINST)
  2. Patch 17463314 - Patch (2 of 8) Oracle Business Intelligence Publisher (BIP)
  3. Patch 17300417 - Patch (3 of 8) Enterprise Performance Management Components Installed from BI Installer (BIFNDNEPM))
  4. Patch 17463395 - Patch (4 of 8) Oracle Business Intelligence Server (BIS)
  5. Patch 17463376 - Patch (5 of 8) Oracle Business Intelligence Presentation Services (BIPS)
  6. Patch 17300045 - Patch (6 of 8) Oracle Business Intelligence Presentation Services (BIPS)
  7. Patch 16997936 - Patch (7 of 8) Oracle Business Intelligence Presentation Services (BIPS)
  8. Patch 17463403 - Patch (8 of 8) Oracle Business Intelligence Platform Client Installers and MapViewer

You will also notice that the bundle patch is now named in a "YYMMDD" format; i.e. the fifth place now tells you when the patch was released. This calendar date numbering scheme has been initiated with the bundle patch.

As usual, please go through the Readme and other instructions before deciding upon an installation schedule and decision.

Monday moods.
Bangalore, Oct 28, 2013

Using R to Unlock the Value of Big Data, by Mark Hornick

Abhinav Agarwal - Thu, 2015-01-15 04:41

Using R to Unlock the Value of Big Data, by Tom Plunkett, Mark HornickThis is a brief (approximately 80 pages) introduction targeted at users with an intermediate-level exposure of R and who want to get a quick look at working with R with Oracle's products. Strictly speaking, this is not an introduction to R, nor is this an R tutorial. It is, very specifically, an introduction to R as it integrates with and relates to the Oracle Database, the Oracle R Distribution, and the Oracle R Connector for Hadoop. The main chapters are "Using Oracle R Enterprise" and "Oracle R Connector for Hadoop", which have sixteen and seventeen examples, respectively, to help you get started.

Oracle provides "Oracle R Enterprise" (ORE), that "overloads R functions that normally operate on data.frames and pushes down their execution to Oracle Database, where transformations and statistical computations are performed on database tables. ORE introduces ore.frame objects that serve as proxies for database tables and views."

Connected with ORE is ROracle, which is "an open source R package now maintained by Oracle." "Oracle R Enterprise uses ROracle for connectivity between R and Oracle Database. ROracle has been re-engineered using the Oracle Call Interface (OCI)"

And finally there is the "Oracle R Connector for Hadoop", which "provides an R interface to a Hadoop cluster, allowing R users to access and manipulate data in Hadoop Distributed File System (HDFS), Oracle Database, and the file system."

So, if you are new to R or need to dive deeper into R, then this is not the book for you. If, however, you need to work with R for big data and enterprise applications, or integrate R with the Oracle Database and/or its Data Mining capabilities, then you should take a look at this book.

Disclosure: I am an Oracle employee and work with its business intelligence product management group. I have reviewed this book in my personal capacity, and this review does not represent Oracle in any way.
ISBN-10: 0071824383
Print ISBN-13: 9780071824385
E-Book ISBN-13: 9780071826273

Buying information:
Amazon: US | UK | CA | IN, Kindle e-book: US | UK | CA | IN, Indie Books, Powell's, Flipkart

Kindle Excerpt:

KindleReader.LoadSample({containerID: 'roraclebook', asin: 'B00DPG5LLO', width: '500', height: '600', assoctag: 'abhinav-20'});

OBIEE Bundle Patch Now Available

Abhinav Agarwal - Thu, 2015-01-15 04:40
Over the weekend, and this does happen to be a long weekend in the US, on account of Labor Day in the US, Bundle Patch for Oracle Business Intelligence was released, and is now available for download from the My Oracle Support portal.

This bundle patch is available for "all customers who are using Oracle Business Intelligence Enterprise Edition,,, BP1,,,,,,, and" (OBIEE 11g is Available for Oracle Business Intelligence Enterprise Edition and Oracle Exalytics (Doc ID 1580502.1))

The constituent patches of this patch set (bundle patch) are:
  • Patch 16986663 - (1 of 7) Oracle Business Intelligence Installer (BIINST) 
  • Patch 16986677 - (2 of 7) Oracle Real Time Decisions (RTD) 
  • Patch 16986644 - (3 of 7) Oracle Business Intelligence Publisher (BIP) 
  • Patch 16986692 - (4 of 7) Oracle Business Intelligence ADF Components (BIADFCOMPS) 
  • Patch 16986703 - (5 of 7) Enterprise Performance Management Components Installed from BI Installer (BIFNDNEPM) 
  • Patch 16986558 - (6 of 7) Oracle Business Intelligence: (OBIEE) 
  • Patch 16986723 - (7 of 7) Oracle Business Intelligence Platform Client Installers and MapViewer

White spaces and Map Views

Abhinav Agarwal - Thu, 2015-01-15 04:40
When working with Map Views, you can choose to collapse the map formats panel on the left.

When you do that, the panel is hidden, but white space is displayed on either side of the map view, where the panel used to be.

Currently there is no option to remove this white space through a UI setting.

However, if you are brave enough, you can remove this white space by editing the analysis XML, which is available under the "Advanced" tab of your analysis.
For the Map View in question, search for the "" property, and set the "width" value to zero. In this case below, you will see the width is set at 220 pixels. The "display" attribute has a value of "false", which is expected, since we have chosen to hide the formats panel.

So, after you set the value to zero (the number 0), click the "Apply XML" button, and return to you "Results" tab. You should see that the formats panel continues to be hidden, but now the white space is no longer there, and the entire space is being utilized by the map in the Map View.

A word of caution. First, if you edit the Map View and choose to display your map formats panel, the panel will pop back, and if you hide the panel, the white space will return. 
So this  hack is more of a final adjustment to apply to your analysis, when you are done with all the changes you want to make to your map view or map views.

That's it.

As far as hacks go, this is an easy one. It is also, as hacks go, unsupported, so you know the drill - not supported, not guaranteed to work, and you're on your own if you do decide to try it out. So, please, exercise your caution and discretion when applying this hack.

I trust you're enjoying the Oracle OpenWorld conference, currently underway in the beautiful city of San Francisco.

Bangalore, Sep 25, 2013

Introduction to the BI Mobile App Designer

Abhinav Agarwal - Thu, 2015-01-15 04:40
Oracle launched a brand new addition to its Business Intelligence Mobile solution - BI Mobile App Designer, which lets you create stunning, interactive mobile apps, literally within minutes. Apps created run on mobile devices running a reasonably modern mobile browser - that can handle HTML5 and jQuery - and are available on both smartphone and tablet form factors.

Here's a short introductory video I recorded (the direct URL):

Creating your first app with the BI Mobile App Designer

Abhinav Agarwal - Thu, 2015-01-15 04:40
While creating sophisticated mobile apps that provide a rich feature set takes time, expectedly, what is wonderful about the recently launched Oracle Business Intelligence Mobile App Designer is the fact that you can be up and running without requiring a week-long training and a Master's degree in Computer Engineering.

Here's a short video I recorded on creating your first app with the BI Mobile App Designer (the direct URL on YouTube). A note of caution, and an apology of sorts - the audio in last few seconds of the video dramatically jumps up in volume. This is because I recorded these last few seconds later, and used different audio settings. I should have normalized it. I live, and I learn.

In fact, Oracle Partner Rittman Mead have introduced a QuickStart for Oracle BI Mobile App Designer package - "a five-day, fixed-price and fixed-scope engagement" - to help customers "deploy line-of-business mobile BI apps for any device, in five days." (Disclaimer: this is neither an endorsement nor a plug. I am  pointing out the availability of this new service from an Oracle Gold Partner).

Have you checked out all the useful BI sessions at Oracle OpenWorld in San Francisco?

Bangalore, Sep 25 2013

BI Mobile HD App

Abhinav Agarwal - Thu, 2015-01-15 04:40
Finally got around to writing my long overdue post on the new BI Mobile HD app. To get on with it, without much ado, not to loiter, and all that... here goes.

The new BI Mobile HD app, version, can be downloaded from the Apple iTunes App Store (link to app preview page on iTunes).
If you already have the BI Mobile HD app installed on your iOS device, you should get an App Store notification on the availability of an upgrade. Note, that since this version is available only for iOS version 6 (and above), if you are running an older version of iOS, you will not get a notification, and will not be able to download it. If you check the Wikipedia iPhone page (link) you will see that the iPhone 3GS and later devices support iOS 6. As far as the iPad device goes, if you check the Wikipedia page (link), iPad 2 and later devices support iOS 6.

If you search for it from your supported iOS device, you will find it as the second result. The first is also an Oracle BI app - the Oracle Business Intelligence Mobile app, but that is for OBIEE version The BI Mobile HD app is now a Universal app, and is therefore available on both smartphones and tablets. I will follow up with a post on the iPhone version later (yes, I will). Downloading and installing is a straightforward process. Tap to install. The app size is 16.1MB, and once downloaded, takes a few seconds to install.

The single biggest change you will see out of the box once the app launches is the presence of a "demo" server connection. So you can run the app without having to configure a connection. Which is very convenient. Tap to select it and the app will connect to this "OBI Mobile Public Demo Server". This server runs on the Oracle Cloud, and therefore accessible from the public Internet.

The second change is that you have a help screen to, err, help, first-time users get familiar with the interface and controls of the app. While the user interface is simple and intuitive, this screen does a good job of summarizing the different ways you can launch and navigate to the different parts of the app.

Yes, landscape and portrait orientations are well and truly supported, so flip your device this way and then that.

The other point to note is that the panel of menu navigation tabs (check this post on the first iteration of the HD app last year) at the bottom of the app - "Recent", "Favorites", "Dashboards", "Local", and "Search" - have been replaced by a slide-out navigation bar. Also, you can access the "Settings" screen by swiping right.

So, if you do launch the "Settings" screen, you will notice several new things. The first is that you can now choose where in the App to begin when you launch it - in the "Recent" tab, or the "Favorites" tab, etc... The second is that you can also choose how your content preview thumbnails should be displayed. That is, apart from the "List" and "Carousel" options that have existed, a third option - "Grid" - has been added. For what it's worth, I find that the grid layout presents more data - especially if you have the preview thumbnails generated for the content.

The carousel view continues to be useful to see which content you have accessed most recently, placing it front-and-center on your app. The swipe gesture works as before for navigating through the carousel.

Inside your content, you will notice that the Dashboard Page dropdown has been replaced by a touch-enabled flat list. You can tap any page title to switch to that dashboard page, but also swipe left or right to view other pages - if there are more pages than can be displayed at the same time. The current dashboard page is indicated by a blue color for the page and a subtle arrowhead below the page.

Coming back to the Settings screen, it is now easier to select a wallpaper - simply tap and the wallpaper is selected and immediately applied. You can see how the wallpaper looks like from within the Settings screen.
Then there is the option to select which screen you begin on - that I covered above. The option to select the format in which attachments are created when you email content from within the app lets you select three options - no attachment (i.e. only a link is included in the body of the email), HTML, and PDF.
The last row shows you your server connections, the first one being the demo server connection - that you cannot edit, and the remaining are connections you've defined.


New functionality introduced in the release, including fixed headers and fixed sized dashboard sections work on the HD app also. So you can use the tap-and-drag gesture to move content within fixed sections, as well as scroll through content for views with fixed headers. Oh, and by the by, the double-tap gesture now works to maximize most views (not sure which it does not maximize for, but works for most of the views).

Another new enhancement (enhancements are by their nature "new", so here's an example of a tautology) introduced in the release of OBIEE was support for Map Views as detail views in master-detail linking. This support is not the full-blown detail support that is available for other views, and I will elaborate in a separate post, but basically you can now set up Map Views to listen to master-detail events on a specified channel. So, if you were to tap on the axis label in the bar graph on the left, on say, "USA", then the bar graph on the right and the map view both respond to that event. In the case of the map view, it zooms in and redraws itself based on the bounding rectangle for the USA.
And for Brazil, and so on...

The double-tap to maximize gesture that I talked about - 

And this is an example of a Map View with a bubble (proportional symbol) format with a feature theme underlain - the feature theme is based on a metric at the county level, and thus you have more than three thousand color-coded polygons.

A similar example, but this time with an image format with a heatmap format based feature theme. The heatmap format is based on district population figures.
And finally, an example from the Airlines data sample app with airline routes plotted as line formats. The lines in a Map View can be color-coded based on a measure and their size varied on a second measure. This is very much similar to how proportional symbol formats in Map Views have also worked since 2010.

And this is an example of such a proportional color-coded line format. You can tap on destination and origin airports to get a popup of the selected metric, and then use the underlying feature-theme based color format for additional context.

Bangalore, Sep 26 2013


Subscribe to Oracle FAQ aggregator