Oracle Plugin¶
This plugin dissects Oracle (unencrypted) traffic information and saves the queries log in dump files as well export the information via NetFlow/IPFIX using the following information elements.
%ORACLE_USERNAME Oracle Username
%ORACLE_QUERY Oracle Query
%ORACLE_RSP_CODE Oracle Response Code
%ORACLE_RSP_STRING Oracle Response String
%ORACLE_QUERY_DURATION Oracle Query Duration (msec)
The plugin supports the following command line options that are used to specify where the (optional) log file is saved. As previously described for -P, dumps are nested in directories. It is possible to instruct nProbe to execute a command when a directory (not a log file) if fully dumped (i.e. nProbe has moved to the next directory in time order).
--oracle-dump-dir <dump dir> Directory where Oracle logs will be dumped
--oracle-exec-cmd <cmd> Command executed whenever a directory has been dumped
--max-oracle-log-lines Max number of lines per log file (default 10000)
Note that not all Oracle DB version might be supported by this plugin.