Skip to main content

Site CollectorSite Collector Administration Guide

Set Up Oracle Collector

If you use the Oracle Relational Database Management Systems (RDBMS), you can set up the Oracle collector to retrieve logs from your RDBM sources. The Oracle collector is a set of Site Collector flows, pre-built processors, groups, custom processors, other components, and integrations that pull logs in JSON format from your databases and push the logs to New-Scale Security Operations Platform.

To set up an Oracle collector:

  1. Log in to the New-Scale Security Operations Platform with your registered credentials.

  2. Navigate to Collectors > Site Collectors.

  3. Ensure that Site Collector is installed and is running.

  4. On the Site Collector page, click the Collectors Library tab, then click Oracle.

    Oracle_Collector_NGSC_1.png
  5. In the Definition section, enter the required information as follows.

    Oracle_JDBC_NGSC_collector_config1.png
    • Collector Name – Specify a name for the Oracle collector.

      Note

      Ensure that you specify different names for Site Collector instance and the collector.

    • Site Collector Instance – Select the site collector instance for which you want to set up the Oracle collector.

    • Oracle Hostname or IP – Enter the IP address of the Oracle DBMS from which you want the Oracle collector to pull logs.

    • Port – Enter the port number of your Oracle server.

    • Connection Type – Select the method by which you want to connect to the Oracle database:

      • Service Name – For this method, enter the name of the database TNS alias which is used for remotely connecting to the database.

      • SID – For this method, enter the name of your Oracle Service Identifier instance.

    • OJDBC Driver – Select the OJDBC Driver version that is compatible with your Oracle server version. You can collect logs from older Oracle server versions. For more information, see Version Compatibility for Oracle JDBC Drivers in Oracle documentation.

  6. Click Next.

  7. In the Authentication section, enter the username and password for establishing connection with the Oracle RDBMS source.

    Oracle_collector_SSL1.png
  8. To establish a secure connection between the Oracle Server (RDBMS) and the Site Collector Core, enable the Secure Connection option. You can enable the secure connection while configuring or updating the Oracle collector instance.

    Oracle_collector_SSL.png
    • To upload custom certificates signed by Certificate Authority (CA), click CUSTOM CERTIFICATE, and click Select File. Upload the certificate files (ca.pem) that are bundled in a .tar.gz archive file. To obtain the security certificate for Oracle RDBMS, in ca.pem format, contact your support team.

      oracle_upload_certificate.png
    • To paste the certificate contents, enable the Plain Text option. Copy and paste the all the content from the ca.pem file to the text box. Ensure that you paste the exact and complete content from the ca.pem to the text box.

  9. Click Next.

  10. In the Data section, enter the required information as follows.

    Oracle_Collector_NGSC_4.png
    • Fetch Interval – Select the time interval within which you want the Oracle collector to pull logs. For example: 30 sec, 1 min, 2 min, 3 min, 4 min, and 5 min.

    • Search Query – Enter the following details:

      • Iterator Column – Enter the value that will be used for incremental data pull. Ensure that the column value is unique, and is returned in the query result set.

      • Iterator column initial value – Enter the value for the initial data pull. Use the iterator column initial value to pull historical data.

      • Query – Enter the Oracle query to specify the type of data that you want the collector to pull.

        For example: To fetch logs from the Oracle database, use the following query.

        SELECT *
        FROM <table>
        WHERE 1=1 

        The Iterator Column value must be returned as a uniquely named column in the dataset. If you use joins, use AS to specify a rename for the iterator. For example:

        Select table1.id as iterator, table2.id, table2.value from table1 join table2 on table1.id = table2.fk where table2.value > 0
    • Query Preview – View the preview of the query that you enter.

  11. Click Setup.

    The Oracle collector is set up and is ready to pull logs from your Oracle database.

    After the Oracle collector is set up, Site Collector Core starts pulling logs periodically based on the query entered by the user and uploads logs to New-Scale Security Operations Platform. If the Oracle database is not available, Site Collector core resumes pulling logs from the place where it stopped.

    Note

    • BLOB fields collection is not supported.

    • The Oracle collector that uses Oracle JDBC driver 10 which supports Oracle Database Version 19.x is available in Site Collectors version 1.12 or later. Site Collectors version 1.12 also supports Oracle JDBC driver versions 6 to 11.

      The minimum supported Oracle Database version is 12. You can use other versions of the JDBC driver based on your Oracle Database version while configuring the Oracle collector. Refer to the following table to select the Oracle JDBC driver version based on your Oracle Database version.

      Oracle Database Version

      Supported JDK Version

      21.x

      ojdbc11.jar with JDK 11, JDK 12, JDK 13, JDK 14 and JDK 15

      ojdbc8.jar with JDK 8, JDK 11, JDK 12, JDK 13, JDK 14 and JDK 15

      19.x

      ojdbc10.jar with JDK 10, JDK 11

      ojdbc8.jar with JDK 8, JDK 9, JDK 11

      18.3

      ojdbc8.jar with JDK 8, JDK 9, JDK 10, JDK 11

      12.2 or 12cR2

      ojdbc8.jar with JDK 8

      12.1 or 12cR1

      ojdbc7.jar with JDK 7, JDK 8

      ojdbc6.jar with JDK 6

      This table displays supported JDK versions for various Oracle Database versions, for more information, see RDBMS and JDK Version Compatibility for Oracle JDBC Drivers in the Oracle documentation.

    In case of installation failure, the collector is disabled, and the configuration is saved. The status of the collector can be checked on the UI or using the support package.