Installation and Upgrade Guides › Policy Server Installation Guide › Configuring CA SiteMinder® Data Stores in a Relational Database › How to Store Audit Logs in Oracle

How to Store Audit Logs in Oracle

To configure an Oracle database to store audit logs, complete the following procedures:

1. Gather database information.
2. Create the audit store schema.
3. Configure an Oracle data source for CA SiteMinder®.
4. Point the Policy Server to the database.
5. Restart the Policy Server.

More information:

Configure an Oracle Data Source for CA SiteMinder®

Gather Database Information

Create the Audit Log Schema

You create the audit log schema so the Oracle database can store audit logs.

To create the CA SiteMinder® schema

1. Log into Oracle with sqlplus or some other Oracle utility as the user who administers the Policy Server database information.

   Note: We recommend that you do not create CA SiteMinder® schema with the SYS or SYSTEM users. If necessary, create an Oracle user, such as SMOWNER, and create the schema with that user.

2. Import the following script:

   $NETE_PS_ROOT/db/sql/sm_oracle_logs.sql

   Note: Environment variables may not function in Oracle's SQL utility. If you experience problems importing the script using the utility, specify an explicit path.

   The audit log schema is created in the database.

Point the Policy Server to the Database

You point the Policy Server to the database so the Policy Server can read and store audit logs.

To point the Policy Server to the data store

1. Open the Policy Server Management Console, and click the Data tab.

   Database settings appear.

2. Select ODBC from the Storage list.

   ODBC settings appear.

3. Select Audit Logs from the Database list.
4. Select ODBC from the Storage list.

   Data source settings become active.

5. Enter the name of the data source in the Data Source Information field.
   • (Windows) this entry must match the name you entered in the Data Source Name field when you created the data source.
   • (UNIX) this entry must match the first line of the data source entry in the system_odbc.ini file. By default, the first line in the file is [CA SiteMinder® Data Sources]. If you modified the first entry, be sure that you enter the correct value.
6. Enter and confirm the user name and password of the database account that has full access rights to the database instance in the respective fields.
7. Specify the maximum number of database connections allocated to CA SiteMinder®.

   Note: We recommend retaining the default for best performance.

8. Click Apply.

   The settings are saved.

9. Click Test Connection.

   SiteMinder returns a confirmation that the Policy Server can access the data store.

10. Click OK.

    The Policy Server is configured to use the database as an audit logging database.

Restart the Policy Server

You restart the Policy Server for certain settings to take effect.

Follow these steps:

1. Open the Policy Server Management Console.
2. Click the Status tab, and click Stop in the Policy Server group box.

   The Policy Server stops as indicated by the red stoplight.

3. Click Start.

   The Policy Server starts as indicated by the green stoplight.

   Note: On UNIX or Linux operating environments, you can also execute the stop-all command followed by the start-all command to restart the Policy Server. These commands provide an alternative to the Policy Server Management Console.