La gestione dei log è da sempre un argomento complesso e nel tempo si sono cercate varie soluzioni più o meno complesse, spesso difficili da integrare nel proprio stack applicativo. Daremo un’ overview generale dei principali sistemi di aggregazione evoluta dei log in realtime (Fluentd, Greylog, eccetera) e illustreremo del motivo ci ha spinto a scegliere ELK per risolvere un’esigenza del nostro cliente; ovvero di consultare i log in modo piu comprensibile da persone non tecniche.
Lo stack ELK (Elasticsearch Logstash Kibana) permette agli sviluppatori di consultare i log in fase di debug / produzione senza avvalersi dello staff sistemistico. Dimostreremo come abbiamo eseguito il deployment dello stack ELK e lo abbiamo implementato per interpretare e strutturare
i log applicativi di Magento.
(Given to the Vancouver Erlang and Ruby/Rails Meetup groups on May 19, 2009.)
Erlang is an up-and-coming language on the web scene. New libraries and frameworks are sprouting up at a rampant rate, and web giants Facebook and Twitter are using it to develop highly-scalable web applications.
This talk will introduce Erlang as a language and platform, summarize its strengths and weaknesses, and cover how you can use Erlang and Ruby together to conquer the web frontier.
Speaker Bio:
Ken Pratt has been developing software for the web for over 10 years. He fell in love with Ruby four years ago, but is still passionate about learning other languages and platforms. He has developed scalable web services for Electronic Arts, built Rails-based web applications since pre-1.0, and been featured in interactive art installations.
[네이버오픈소스세미나] Pinpoint를 이용해서 서버리스 플랫폼 Apache Openwhisk 트레이싱하기 - 오승현NAVER Engineering
네이버 오픈소스 세미나 - Performance does matter
2019.07.11
<세션 요약>
네이버 서비스에서 사내 서버리스 플랫폼까지 흘러가는 트랜잭션을 추적하고 분석하기 위해 개발한 Pinpoint의 Apache Openwhisk 플러그인과 그 개발 과정을 소개합니다.
Apache Openwhisk는 서버리스 플랫폼을 구축할 수 있는 오픈소스 프로젝트로 스칼라 언어와 Akka 라이브러리를 사용한 Actor 모델에 기반하고 있습니다. 스칼라 언어로 작성된 애플리케이션을 위한 Pinpoint 플러그인을 만들면서 겪었던 문제들과 해결했던 과정들을 위주로 설명드릴 예정입니다.
<연사 소개>
네이버에서 Serverless 플랫폼을 개발하고 있으며, 다양한 오픈소스 프로젝트에 관심이 많습니다.
Apache Openwhisk contributor로 활동하면서, Openwhisk 기반 서버리스 플랫폼의 트레이싱을 위한 Pinpoint 플러그인을 개발하고 컨트리뷰션을 진행하고 있습니다.
La gestione dei log è da sempre un argomento complesso e nel tempo si sono cercate varie soluzioni più o meno complesse, spesso difficili da integrare nel proprio stack applicativo. Daremo un’ overview generale dei principali sistemi di aggregazione evoluta dei log in realtime (Fluentd, Greylog, eccetera) e illustreremo del motivo ci ha spinto a scegliere ELK per risolvere un’esigenza del nostro cliente; ovvero di consultare i log in modo piu comprensibile da persone non tecniche.
Lo stack ELK (Elasticsearch Logstash Kibana) permette agli sviluppatori di consultare i log in fase di debug / produzione senza avvalersi dello staff sistemistico. Dimostreremo come abbiamo eseguito il deployment dello stack ELK e lo abbiamo implementato per interpretare e strutturare
i log applicativi di Magento.
(Given to the Vancouver Erlang and Ruby/Rails Meetup groups on May 19, 2009.)
Erlang is an up-and-coming language on the web scene. New libraries and frameworks are sprouting up at a rampant rate, and web giants Facebook and Twitter are using it to develop highly-scalable web applications.
This talk will introduce Erlang as a language and platform, summarize its strengths and weaknesses, and cover how you can use Erlang and Ruby together to conquer the web frontier.
Speaker Bio:
Ken Pratt has been developing software for the web for over 10 years. He fell in love with Ruby four years ago, but is still passionate about learning other languages and platforms. He has developed scalable web services for Electronic Arts, built Rails-based web applications since pre-1.0, and been featured in interactive art installations.
[네이버오픈소스세미나] Pinpoint를 이용해서 서버리스 플랫폼 Apache Openwhisk 트레이싱하기 - 오승현NAVER Engineering
네이버 오픈소스 세미나 - Performance does matter
2019.07.11
<세션 요약>
네이버 서비스에서 사내 서버리스 플랫폼까지 흘러가는 트랜잭션을 추적하고 분석하기 위해 개발한 Pinpoint의 Apache Openwhisk 플러그인과 그 개발 과정을 소개합니다.
Apache Openwhisk는 서버리스 플랫폼을 구축할 수 있는 오픈소스 프로젝트로 스칼라 언어와 Akka 라이브러리를 사용한 Actor 모델에 기반하고 있습니다. 스칼라 언어로 작성된 애플리케이션을 위한 Pinpoint 플러그인을 만들면서 겪었던 문제들과 해결했던 과정들을 위주로 설명드릴 예정입니다.
<연사 소개>
네이버에서 Serverless 플랫폼을 개발하고 있으며, 다양한 오픈소스 프로젝트에 관심이 많습니다.
Apache Openwhisk contributor로 활동하면서, Openwhisk 기반 서버리스 플랫폼의 트레이싱을 위한 Pinpoint 플러그인을 개발하고 컨트리뷰션을 진행하고 있습니다.
Triplewave: a step towards RDF Stream Processing on the WebDaniele Dell'Aglio
The slides of my talk at INSIGHT Centre for Data Analytics (in NUI Galway) where I presented TripleWave (http://streamreasoning.github.io/TripleWave/), an open-source framework to create and publish streams of RDF data.
Most of what Rundeck does is via one of it’s plugins. There are already over 100+ plugins to perform various services including executing commands on nodes, performing step in a workflow, or sending notification about job status. There may be instances where you need to write your own plugin to perform a specific step or action. In this session, will walk through the steps for writing our own plugin.
In this session you'll learn:
Review the structure of plugin
How to use the structure and what information you need to include in other files to make your plugin work
How to write a simple plugin example using java
How to reply and use your plugin
Scalable Recommendation Algorithms with LSHMaruf Aytekin
- Scalable recommendation algorithm based on Locality Sensitive Hashing (LSH) and Collaborative Filtering.
- Distributed implementation of LSH with Apache Spark.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/28XnVtb.
Felix Klock describe the core concepts of the Rust language (ownership, borrowing, and lifetimes), as well as the tools beyond the compiler for open source software component distribution (cargo, crates.io). Filmed at qconlondon.com.
Felix Klock is a research engineer at Mozilla, where he works on the Rust compiler, runtime libraries, and language design. He previously worked on the ActionScript Virtual Machine for the Adobe Flash runtime. Klock is one of the developers of the Larceny Scheme language runtime.
Event Sourcing with Kotlin, who needs frameworks!Nico Krijnen
You've heard about Event Sourcing, it sounds like a useful technique that can potentially make some really hard problems a lot easier. But where do you start? There are many talks about the theory and application of Event Sourcing, but what does it actually look like in code? And why is the Kotlin language such an excellent match for writing event sourced applications?
As Event Sourcing is a complicated topic we'll start with a short introduction to some of the key concepts like Event Sourcing, CQRS, command pattern and projections. Event Sourcing is not for everyone. It requires a significant shift in how you think about your data. Event Sourcing is also not always easy, so we'll point out some pitfalls and guide you on when it's worth using it and when you should stay away from it.
However, Event Sourcing is also super-valuable when it fits your needs! And if you approach it in the right way, it does not have to be as hard as you may think. With some live coding, we'll build up an event sourced model using the CQRS pattern. Along the way you'll get a taste of how these techniques work in code and how typical Kotlin constructs like data classes, immutability, lazy properties and functional style will help you to keep it all readable and easy to understand. You'll see that you don't need to start with a framework to do Event Sourcing and why Java doesn't make it as easy as Kotlin does. The Kotlin language provides a lot of the fundamentals that you need and that allows you to keep everything simple and in your own control.
---
As presented at Kotlin Dev Day, May 2022 in Amsterdam.
Refactoring Applications using SOLID PrinciplesSteven Smith
We’ve all heard about well-designed software projects, where things aren’t (yet) a big ball of mud that’s painful to work with, but many of us aren’t lucky enough to work on these. Nor is it an option for us to get to start a brand new “greenfield” project, where we can leave behind the legacy of spaghetti code and technical debt our current project might have.
But there is hope! By applying refactoring steps based on SOLID principles of object oriented design, we can reduce the technical debt of our existing application, improve our code quality, and hopefully make our application more enjoyable and productive to work with.
In this session, we’ll briefly introduce the SOLID principles and several design patterns, and then we’ll apply these principles and patterns by improving the design of an existing application through several refactoring steps.
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...Brian Brazil
Often what you monitor and get alerted on is defined by your tools, rather than what makes the most sense to you and your organisation. Alerts on metrics such as CPU usage which are noisy and rarely spot real problems, while outages go undetected. Monitoring systems can also be challenging to maintain, and overall provide a poor return on investment.
In the past few years several new monitoring systems have appeared with more powerful semantics and which are easier to run, which offer a way to vastly improve how your organisation operates Prometheus is one such system. This talk will look at the monitoring ideal and how whitebox monitoring with a time series database, multi-dimensional labels and a powerful querying/alerting language can free you from midnight pages.
RoFormer: Enhanced Transformer with Rotary Position Embeddingtaeseon ryu
안녕하세요 딥러닝 논문읽기 모임입니다 오늘 업로드된 논문 리뷰 영상은 올해 발표된, RoFormer: Enhanced Transformer with Rotary Position Embedding 라는 제목의 논문입니다.
해당 논문은 Rotary Position Embedding을 이용하여 Transformer를 개선 시킨 논문입니다. Position embedding은 Self attention의 포지션에 대한 위치를 기억 시키기 위해 사용이 되는 중요한 요소중 하나 인대요, Rotary Position Embedding은 선형대수학 시간때 배우는 회전행렬을 사용하여 위치에 대한 정보를 인코딩 하는 방식으로 대체하여 모델의 성능을 끌어 올렸습니다.
논문에 대한 백그라운드 부터, 수식에 대한 디테일한 리뷰까지,
논문 리뷰를 자연어 처리 진명훈님이 디테일한 논문 리뷰 도와주셨습니다!
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
This presentation covers the following topics:
What is logging?
The purpose of logging: Debugging
The purpose of logging: Security
The purpose of logging: Stats & analytics
Traditional logging
Traditional logging: Advantages
Traditional logging: Disadvantages
The solution: Large-scale logging
Large-scale logging: Core principles
Large-scale logging: Solution types
Large-scale logging: Cloud vs on-prem
Large-scale logging: Operational complexity
Large-scale logging: Security
Large-scale logging: Costs
Large-scale logging: On-prem comparison
- Elasticsearch
- Grafana Loki
- VictoriaLogs
On-prem comparison: Setup and operation
On-prem comparison: Costs
On-prem comparison: Full-text search support
On-prem comparison: How to efficiently query 100TB of logs?
On-prem comparison: Integration with CLI tools
VictoriaLogs for large-scale logging
VictoriaLogs demo instance
- Ingestion rate: 3600 messages / minute
- The number of log messages: 1.1 billion
- Uncompressed log messages’ size: 1.5TB
- Compressed log messages’ size: 23GB
- Compression ratio: 47x
- Memory usage: 150MB
VictoriaLogs CLI integration demo
- Which errors have occurred in all the apps during the last hour?
- How many errors have occurred during the last hour?
- Which apps generated the most of errors during the last hour?
- The number of per-minute errors for the last 10 minutes
- Status codes for the last hour
- Non-200 status codes for the last week
- Top client IPs for the last 4 weeks with 404 and 500 response status codes
- Per-month stats for the given IP across all the logs
Large-scale logging solution
MUST provide
excellent CLI integration
VictoriaLogs: (temporary) drawbacks
VictoriaLogs: Recap
- Easy to setup and operate
- The lowest RAM usage and disk space usage (up to 30x less than Elasticsearch and Grafana Loki)
- Fast full-text search
- Excellent integration with traditional command-line tools for log analysis
- Accepts logs from popular log shippers (Filebeat, Fluentbit, Logstash, Vector, Promtail, Grafana Agent)
- Open source and free to use!
Harbor Research's Infographic on the Internet of Things and Smart ServicesHarbor Research
The Internet of Things holds untold potential to change the way we work, learn, entertain and innovate. This infographic explains the current state and future opportunities that the Internet of Things represents.
Triplewave: a step towards RDF Stream Processing on the WebDaniele Dell'Aglio
The slides of my talk at INSIGHT Centre for Data Analytics (in NUI Galway) where I presented TripleWave (http://streamreasoning.github.io/TripleWave/), an open-source framework to create and publish streams of RDF data.
Most of what Rundeck does is via one of it’s plugins. There are already over 100+ plugins to perform various services including executing commands on nodes, performing step in a workflow, or sending notification about job status. There may be instances where you need to write your own plugin to perform a specific step or action. In this session, will walk through the steps for writing our own plugin.
In this session you'll learn:
Review the structure of plugin
How to use the structure and what information you need to include in other files to make your plugin work
How to write a simple plugin example using java
How to reply and use your plugin
Scalable Recommendation Algorithms with LSHMaruf Aytekin
- Scalable recommendation algorithm based on Locality Sensitive Hashing (LSH) and Collaborative Filtering.
- Distributed implementation of LSH with Apache Spark.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/28XnVtb.
Felix Klock describe the core concepts of the Rust language (ownership, borrowing, and lifetimes), as well as the tools beyond the compiler for open source software component distribution (cargo, crates.io). Filmed at qconlondon.com.
Felix Klock is a research engineer at Mozilla, where he works on the Rust compiler, runtime libraries, and language design. He previously worked on the ActionScript Virtual Machine for the Adobe Flash runtime. Klock is one of the developers of the Larceny Scheme language runtime.
Event Sourcing with Kotlin, who needs frameworks!Nico Krijnen
You've heard about Event Sourcing, it sounds like a useful technique that can potentially make some really hard problems a lot easier. But where do you start? There are many talks about the theory and application of Event Sourcing, but what does it actually look like in code? And why is the Kotlin language such an excellent match for writing event sourced applications?
As Event Sourcing is a complicated topic we'll start with a short introduction to some of the key concepts like Event Sourcing, CQRS, command pattern and projections. Event Sourcing is not for everyone. It requires a significant shift in how you think about your data. Event Sourcing is also not always easy, so we'll point out some pitfalls and guide you on when it's worth using it and when you should stay away from it.
However, Event Sourcing is also super-valuable when it fits your needs! And if you approach it in the right way, it does not have to be as hard as you may think. With some live coding, we'll build up an event sourced model using the CQRS pattern. Along the way you'll get a taste of how these techniques work in code and how typical Kotlin constructs like data classes, immutability, lazy properties and functional style will help you to keep it all readable and easy to understand. You'll see that you don't need to start with a framework to do Event Sourcing and why Java doesn't make it as easy as Kotlin does. The Kotlin language provides a lot of the fundamentals that you need and that allows you to keep everything simple and in your own control.
---
As presented at Kotlin Dev Day, May 2022 in Amsterdam.
Refactoring Applications using SOLID PrinciplesSteven Smith
We’ve all heard about well-designed software projects, where things aren’t (yet) a big ball of mud that’s painful to work with, but many of us aren’t lucky enough to work on these. Nor is it an option for us to get to start a brand new “greenfield” project, where we can leave behind the legacy of spaghetti code and technical debt our current project might have.
But there is hope! By applying refactoring steps based on SOLID principles of object oriented design, we can reduce the technical debt of our existing application, improve our code quality, and hopefully make our application more enjoyable and productive to work with.
In this session, we’ll briefly introduce the SOLID principles and several design patterns, and then we’ll apply these principles and patterns by improving the design of an existing application through several refactoring steps.
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...Brian Brazil
Often what you monitor and get alerted on is defined by your tools, rather than what makes the most sense to you and your organisation. Alerts on metrics such as CPU usage which are noisy and rarely spot real problems, while outages go undetected. Monitoring systems can also be challenging to maintain, and overall provide a poor return on investment.
In the past few years several new monitoring systems have appeared with more powerful semantics and which are easier to run, which offer a way to vastly improve how your organisation operates Prometheus is one such system. This talk will look at the monitoring ideal and how whitebox monitoring with a time series database, multi-dimensional labels and a powerful querying/alerting language can free you from midnight pages.
RoFormer: Enhanced Transformer with Rotary Position Embeddingtaeseon ryu
안녕하세요 딥러닝 논문읽기 모임입니다 오늘 업로드된 논문 리뷰 영상은 올해 발표된, RoFormer: Enhanced Transformer with Rotary Position Embedding 라는 제목의 논문입니다.
해당 논문은 Rotary Position Embedding을 이용하여 Transformer를 개선 시킨 논문입니다. Position embedding은 Self attention의 포지션에 대한 위치를 기억 시키기 위해 사용이 되는 중요한 요소중 하나 인대요, Rotary Position Embedding은 선형대수학 시간때 배우는 회전행렬을 사용하여 위치에 대한 정보를 인코딩 하는 방식으로 대체하여 모델의 성능을 끌어 올렸습니다.
논문에 대한 백그라운드 부터, 수식에 대한 디테일한 리뷰까지,
논문 리뷰를 자연어 처리 진명훈님이 디테일한 논문 리뷰 도와주셨습니다!
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
This presentation covers the following topics:
What is logging?
The purpose of logging: Debugging
The purpose of logging: Security
The purpose of logging: Stats & analytics
Traditional logging
Traditional logging: Advantages
Traditional logging: Disadvantages
The solution: Large-scale logging
Large-scale logging: Core principles
Large-scale logging: Solution types
Large-scale logging: Cloud vs on-prem
Large-scale logging: Operational complexity
Large-scale logging: Security
Large-scale logging: Costs
Large-scale logging: On-prem comparison
- Elasticsearch
- Grafana Loki
- VictoriaLogs
On-prem comparison: Setup and operation
On-prem comparison: Costs
On-prem comparison: Full-text search support
On-prem comparison: How to efficiently query 100TB of logs?
On-prem comparison: Integration with CLI tools
VictoriaLogs for large-scale logging
VictoriaLogs demo instance
- Ingestion rate: 3600 messages / minute
- The number of log messages: 1.1 billion
- Uncompressed log messages’ size: 1.5TB
- Compressed log messages’ size: 23GB
- Compression ratio: 47x
- Memory usage: 150MB
VictoriaLogs CLI integration demo
- Which errors have occurred in all the apps during the last hour?
- How many errors have occurred during the last hour?
- Which apps generated the most of errors during the last hour?
- The number of per-minute errors for the last 10 minutes
- Status codes for the last hour
- Non-200 status codes for the last week
- Top client IPs for the last 4 weeks with 404 and 500 response status codes
- Per-month stats for the given IP across all the logs
Large-scale logging solution
MUST provide
excellent CLI integration
VictoriaLogs: (temporary) drawbacks
VictoriaLogs: Recap
- Easy to setup and operate
- The lowest RAM usage and disk space usage (up to 30x less than Elasticsearch and Grafana Loki)
- Fast full-text search
- Excellent integration with traditional command-line tools for log analysis
- Accepts logs from popular log shippers (Filebeat, Fluentbit, Logstash, Vector, Promtail, Grafana Agent)
- Open source and free to use!
Harbor Research's Infographic on the Internet of Things and Smart ServicesHarbor Research
The Internet of Things holds untold potential to change the way we work, learn, entertain and innovate. This infographic explains the current state and future opportunities that the Internet of Things represents.
Virtual Reality for Business (VR Infographic by Opace)Opace Web Design
Opace infographic about what virtual reality can do for your business
Read this highly informative infographic from Opace, focusing on the hottest new piece of tech around; virtual reality. It looks at the history of virtual reality, which despite being widely popular now, dates back to the 1950s, as well as the main competitors in the virtual reality race, which includes all the big names from Google to Samsung. It has a handy price comparison chart, plenty of facts, figures and statistics regarding both the technology now and where it’s headed in the future.
The majority of the infographic focuses on the applications of virtual reality for business, especially for marketing, social media and e-commerce, and has plenty of examples and information on how you could look into incorporating virtual reality into your business’ digital strategy.
Alongside the infographic is a detailed article examining the applications for businesses in-depth, and makes for the perfect guide for anyone looking to take their digital marketing, social media and e-commerce strategies to the next level.
For more information, see:
https://www.opace.co.uk/blog/what-can-virtual-reality-do-for-your-business/
Standartlar ve güvenlik açısından veritabanı loglamanın önemi herkesçe malum. Veritabanına yönelik aktivitelerin görüntülenip, analiz edilerek, veriye hangi kullanıcının ve sistemin eriştiği bilgisinin detaylarını, hangi IP üzerinden, ne zaman erişildiğini ve veri üzerinde yapılan PL/SQL, T-SQL, SQL-T ve ANSI-SQL işlemlerini saklayarak raporlayabilmek hem kritik hem de standartlar ve uyumluluklar açısından gereklidir.
Aşağıda gerçekleştirilen projeler, daha önceden başka ekipler tarafından yapılan projelerin analizlerinde elde ettiğim tecrübelerimi paylaşmaya çalıştım. Aşağıda teknik unsurlar özetlenmeye çalışılacak. Bununla birlikte bir projenin başarılı olabilmesi için proje ekibinin çok önemli bir etken olduğu unutulmamalıdır.
3. Audit (Denetim)
Şirketler;
• Denetim kapsamına alacakları en önemli ve kritik
gördükleri tablolarını belirlemelidir, bu listeyi zaman zaman
güncellemelidir,
• Veritabanlarında kullanıcı aktivitelerini denetlemeli,
loglarını tutmalıdır, logların günlük, aylık, yıllık periyotlarda
büyüme hızlarını izlemeli ve buna göre gerekli kaynak
(Disk, RAM, vs…) artışına gitmelidir,
• Bu logların backup’larını almalıdır,
• Anlık kritik işlemler hakkında Alert mailler ile haberdar
olmalıdır,
• Tüm bu aktiviteleri raporlayabilmelidir.
3
4. Veritabanı Güvenliği için Kullanılan Uygulamalar
• Veritabanı Güvenliğini, dış kaynaklı felaketlerden ve kötü
niyetli kullanıcılardan korumak için sağlarız.
• Biz bu sunumda kötü niyetli kullanıcılardan veritabanımızı,
dolayısıyla tablespace, tablo, index, package, procedure,
function, vs… tüm objelerimizi nasıl korumaya alırız,
bunlar üzerinde yapılan aktiviteleri (transaction) nasıl
izleriz, nasıl loglarız ve nasıl raporlarız, bunları
inceleyeceğiz,
• Kötü niyetli kullanıcı neler yapabilir? En önemli tablo ve
veritabanı objelerini silebilir, erişmesi yasak olan
tablolarda işlem yapabilir, başka kullanıcılara gizli yetkiler
verebilir, Audit loglarını silebilir, gizli bilgilere erişebilir…
4
6. Oracle Audit Vault 10.3
Özet olarak açıklamak gerekirse, veritabanı denetim ayarlarını yapabileceğimiz ve
kullanıcıların tüm veritabanı aktivitelerini raporlayabileceğimiz uygulamadır.
6
7. Oracle Database Vault 10.3
Özet olarak açıklamak gerekirse, DBA veya kullanıcıların şirket uygulamalarına doğrudan
erişimlerinin OS user ve IP bazında kısıtlanabileceği, veritabanı seviyesinde bazı yetki
kurallarını tanımlayarak güvenliği sağlayabileceğimiz uygulamadır.
7
8. Oracle Audit Vault and Database Firewall 12.1.1
Bu son versiyon ile yapılan temel değişiklikler; Agent’ların çalışma mantığı değiştirildi, artık
Collector+Agent değil de sadece Agent yönetiliyor, raporlama ekranları daha kullanışlı ve
yeni Database Firewall özelliğinin eklenmesi.
8
9. Oracle Audit Vault 12.1.1 ile beraber gelen Database Firewall uygulaması network
üzerinde yetkisiz SQL trafiğini database’e ulaşmadan önce izler ve bloke eder. fwadmin
(Firewall Admin) en yetkili kullanıcı olarak tüm gerekli sistem ayarlarını yapabilir.
9
11. Oracle Audit Vault
Kaynak veritaban(lar)ındaki aktiviteleri izler (monitoring), loglar
(logging), raporlar (reporting) ve uyarır (alerting),
AVADMIN yönetir, AVAUDITOR raporlar.
!
HR Data
CRM Data
ERP Data
Databases
Audit
Data
Alerts
Built-in
Reports
Custom
Reports
Policies
Auditor
11
12. AUDIT_TRAIL (Denetim İzi):
None: Denetime Kapalı
DB: Kayıtlar SYS.AUD$ tablosunda tutulur
DB, EXTENDED: Kayıtlar SYS.AUD$ tablosunda SQL bind ve SQL text kolon bilgileri ile
birlikte tutulur
OS: *.aud uzantılı audit dosyaları Operating sistemde audit_file_dest dizininde tutulur
XML: Kayıtlar Operating sistemde XML formatında tutulur
XML, EXTENDED: Kayıtlar Operating sistemde XML formatında SQL bind ve SQL text
kolon bilgileri ile birlikte tutulur
show parameter audit;
veya
SQL> select name, value from v$parameter where lower(name) like 'audit%';
audit_file_dest
string
/oracle/db/admin/<instance_name>/adump
audit_syslog_level
string
audit_sys_operations
boolean TRUE
audit_trail
string
OS
ALTER SYSTEM SET AUDIT_TRAIL=OS SCOPE=SPFILE;
12
13. Alert Mekanizması
İstenmeyen durumların bildirimlerini almak için Alert mekanizması oluşturabiliriz.
Belli periyotlarda grafiksel olarak Alert’lerin istatistiğini görebiliriz.
13
16. Mail’imize raporun linki gönderildiği gibi raporun kendisi de attach edilmiş olarak pdf
formatında gönderilebilmektedir, mail hesabımızın kotasının raporlardan dolayı
büyümemesi için raporun linkinin gönderilmesi de tercih edilebilir.
16
17. Otomatik Alert Mail
Audit Vault Tablespace Size durumu için Alert Mail:
Audit Vault tablespace doluluk oranı belli bir eşik değeri (örnek olması
açısından aşağıdaki örnekte %60 limiti verildi, biz kullanımda %90 limitini
vereceğiz) aştığında otomatik Alert mailini alabiliriz.
17
18. Audit Vault Uygulaması için Alert Mail:
Audit Vault uygulamalarının data toplayıcı kollektor’ları (Collectors) herhangi bir
sebepten dolayı duracak olursa otomatik mail ile Alert durumu öğrenebiliriz.
18
19. Triger ile Denetleme
Çok önemli gördüğümüz 2-3 tablo için trigger yapısıyla ‘old value’ , ‘new value’
değerlerini loglayabiliriz, ‘ORHAN_TRIGGER_DENEME’ isminde oluşturduğum triger’ın
demosunu inceleyelim;
1
-- ÖRNEK TABLO YARATILIYOR
CREATE TABLE ORHAN_DENEME
2
(
-- AUDIT KAYITLARINI TUTACAK BIR TABLO OLUSTURULUR
CREATE TABLE ORHAN_AUDIT_TABLE (
OWNER VARCHAR2(30),
OWNER
OBJECT_NAME
VARCHAR2(128 BYTE),
SUBOBJECT_NAME
VARCHAR2(30 BYTE),
OBJECT_ID
NUMBER,
DATA_OBJECT_ID
NUMBER,
OBJECT_TYPE
VARCHAR2(19 BYTE),
CREATED
DATE,
LAST_DDL_TIME
DATE,
TIMESTAMP
VARCHAR2(19 BYTE),
STATUS
VARCHAR2(7 BYTE),
TEMPORARY
VARCHAR2(1 BYTE),
FOR EACH ROW
GENERATED
VARCHAR2(1 BYTE),
DECLARE
SECONDARY
VARCHAR2(1 BYTE),
NAMESPACE
NUMBER,
EDITION_NAME
)
VARCHAR2(30 BYTE),
VARCHAR2(30 BYTE)
TABLE_NAME VARCHAR2(30),
MODIFYING_USER VARCHAR2(30),
MODIFY_TIME DATE DEFAULT SYSDATE,
COLUMN_NAME varchar2(30),
BEFORE_VALUE varchar2(30),
AFTER_VALUE varchar2(30));
3
CREATE OR REPLACE TRIGGER ORHAN_TRIGGER_DENEME
AFTER UPDATE ON ORHAN_DENEME
v_username varchar2(10);
BEGIN
SELECT user INTO v_username FROM dual;
INSERT INTO ORHAN_AUDIT_TABLE ( OWNER, TABLE_NAME,
MODIFYING_USER, MODIFY_TIME, COLUMN_NAME, BEFORE_VALUE, AFTER_VALUE )
VALUES ( 'AV_SRV', 'ORHAN_AUDIT_TABLE', v_username, SYSDATE,
'OBJECT_NAME', :OLD.OBJECT_NAME, :NEW.OBJECT_NAME );
END;
19