directory.oracle
- Borja Moro Moreno
Introduction
The tags beginning with directory.oracle identify events generated by Oracle's Unified Directory.
Valid tags and data tables
The full tag must have four levels. The first two are fixed as directory.oracle and represent technology and brand. The third level corresponds to the product while the fourth identifies the type of events sent.
Technology | Brand | Product | Type |
|---|---|---|---|
directory | oracle | sun_one | ldap_access |
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Data table |
|---|---|
| directory.oracle.sun_one.ldap_access | directory.oracle.sun_one.ldap_access |
Log samples
The following are sample logs sent to each of the directory.oracle data tables. Also, find how the information will be parsed in your data table under each sample log.
Extra columns
Fields marked as Extra in the table below are not shown by default in data tables and need to be explicitly requested in the query. You can find them marked as Extra when you perform a query so they can be easily identified. Learn more about this in Selecting unrevealed columns.
directory.oracle.sun_one.ldap_access
2021-09-21 09:31:02.748 localhost=127.0.0.1 directory.oracle.sun_one.ldap_access: 2021-09-08 13:48:43.045 anotherhost=127.0.0.1 directory.oracle.sun_one.ldap_access: [22/Oct/2002:12:09:45 +0200] conn=26 op=2 msgId=1 - MOD dn="cn=Some Client,ou=People,dc=Example,dc=COM" 2021-09-21 09:31:02.748 localhost=127.0.0.1 directory.oracle.sun_one.ldap_access: 2021-09-08 13:48:43.045 localhost=127.0.0.1 directory.oracle.sun_one.ldap_access: [05/Jun/2020:09:51:08 -0400] conn=3167 op=2 msgId=3 - EXT oid="1.1.1.1.1.1.1.2.11.9.6.1" 2021-09-21 09:33:00.785 localhost=127.0.0.1 directory.oracle.sun_one.ldap_access: [05/Jun/2020:09:51:08 -0400] conn=3167 op=2 msgId=3 - EXT oid="1.1.1.1.1.1.1.2.11.1.1.1" 2021-09-21 09:33:00.785 localhost=127.0.0.1 directory.oracle.sun_one.ldap_access: [22/Oct/2002:12:09:45 +0200] conn=26 op=2 msgId=1 - MOD dn="cn=Some Client,ou=People,dc=Example,dc=COM" 2021-09-21 09:55:16.308 localhost=127.0.0.1 directory.oracle.sun_one.ldap_access: [05/Jun/2020:09:51:08 -0400] conn=3167 op=2 msgId=3 - EXT oid="1.1.1.1.1.1.1.2.11.9.6.1"
And this is how the log would be parsed:
Field | Value | Data type | Extra fields |
|---|---|---|---|
eventdate |
|
| |
hostname |
|
| |
hostchain |
|
| ✓ |
tag |
|
| ✓ |
rawMessage |
|
| ✓ |
serverTime |
|
| |
action |
|
| |
conn |
|
| |
op |
|
| |
msgId |
|
| |
dn |
|
| |
method |
|
| |
version |
|
| |
err |
|
| |
serverTag |
|
| |
nentries |
|
| |
etime |
|
| |
fd |
|
| |
slot |
|
| |
requestID |
|
| |
protocol |
|
| |
host |
|
| |
remlog |
|
| |
uname |
|
| |
date |
|
| |
request |
|
| |
status |
|
| |
length |
|
| |
base |
|
| |
scope |
|
| |
filter |
|
| |
attrs |
|
| |
msgid |
|
| |
targetop |
|
| |
oid |
|
| |
csn |
|
|