Connecting to target databases : Pre-configuration for monitoring target databases : Oracle target database pre-configuration
 
Oracle target database pre-configuration
Required privileges for monitoring or auditing Oracle databases
To prepare for database monitoring, ensure the FortiDB database user has the following privileges:
Policy type
Required privileges
Data
For DB, EXTENDED and XML File Agent collection methods:
CREATE SESSION
SELECT_CATALOG_ROLE
DELETE_CATALOG_ROLE
AUDIT ANY
AUDIT SYSTEM
SELECT SYS.AUD$
SELECT on the monitored tables or SELECT ANY TABLE
For TCP/IP Sniffer collection method (privileges required for browsing database to define data policy):
CREATE SESSION
SELECT_CATALOG_ROLE
SELECT on the monitored tables or SELECT ANY TABLE
Privilege
CREATE SESSION
SELECT_CATALOG_ROLE
DELETE_CATALOG_ROLE
AUDIT SYSTEM
Metadata
CREATE SESSION
SELECT_CATALOG_ROLE
For activity auditing:
CREATE SESSION
AUDIT SYSTEM
SELECT_CATALOG_ROLE
To grant privileges to your database user, use a GRANT statement. For example:
GRANT SELECT_CATALOG_ROLE TO username
GRANT DELETE_CATALOG_ROLE TO username
See also
Configuring an Oracle database for PCI, SOX, and HIPAA policies
Enabling FortiDB to delete audit records
Oracle XML file agent installation and configuration (UNIX, Windows)
Adding (or modifying) a target connection
Configuring Oracle monitoring