Splunk Apps?

From: Wolfson Larry - lwolfs <lawrence.wolfson_at_acxiom.com>
Date: Mon, 18 Nov 2013 18:13:09 +0000
Message-ID: <EDA437CAA8612C418E013CDA4B4A7551014AB08DDC_at_CWYIGMBCRP01.Corp.Acxiom.net>



Hi list!

I was wondering if anyone found particulaly useful Apps from the Splunk website that we may have overlooked? We've been using it for about a year and have been using it for multiple applications on multiple types of databases, not just Oracle. There's also a new 6.0 release if you haven't seen that. Check http://www.splunk.com/

Splunk has a limited command line history, but you can get all the search commands from the _audit index A search something like
index=_audit action=search search="*" NOT maintain | table _time search Should work for you. Just keep adding NOT ? statements to weed out want you don't want to see. Might save you rewriting what one of your other DBAs already developed.

Some references.
http://pmdba.files.wordpress.com/2013/05/real-time-oracle-11g-log-file-analysis.pdf By Peter Magge http://itdavid.blogspot.ca/2011/02/manage-oracle-11gr2-asm-and-rdbms-audit.html By David Robillard

BTW auditors generally like Splunk because it doesn't throw anything away.

  Larry



The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged.

If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system.

Thank You.


--
http://www.freelists.org/webpage/oracle-l
Received on Mon Nov 18 2013 - 19:13:09 CET

Original text of this message