Oracle E-Business Logging and Auditing, CMM and SIEM
Most Oracle E-Business Suite implementations do not take full advantage of the auditing and logging features. These features are sophisticated and are able to satisfy most organizations’ compliance and security requirements.
The default Oracle E-Business Suite installation only provides a basic set of logging functionality. In Integrigy’s experience, the implementation of database and application logging seldom exceeds meeting the needs of basic debugging. Most organizations do not know where to start or how to leverage the built-in auditing and logging features to satisfy their compliance and security requirements.
Even organizations that already use centralized logging or Security Incident and Event Management (SIEM) solutions, and are therefore more advanced in the Common Maturity Model (CMM), are in Integrigy’s experience commonly challenged by the E-Business Suite’s auditing and logging features and functionality.
This guide presents Integrigy’s framework for auditing and logging in the Oracle E-Business Suite. This framework is a direct result of Integrigy’s consulting experience and will be equally useful to those wanting to improve their capabilities and to those just starting to implement logging and auditing. Our goal is to provide a clear explanation of the native auditing and logging features available, present an approach and strategy for using these features, and give straightforward configuration steps to implement the approach.
Integrigy’s framework is also specifically designed to help clients meet compliance and security standards such as Sarbanes-Oxley (SOX), Payment Card Industry (PCI), FISMA, and HIPAA. The foundation of the framework is PCI DSS requirement 10.2.
To make it easy for clients to implement, the framework has three maturity levels – which level a client starts at depends on the infrastructure and policies already in place.
The three levels are:
- Level 1 – Enable baseline auditing and logging for application/database and implement security monitoring and auditing alerts
- Level 2 – Send audit and log data to a centralized logging solution outside the Oracle Database and E-Business Suite
- Level 3 – Extend logging to include functional logging and more complex alerting and monitoring
This blog series will be reviewing the Framework in detail. The full whitepaper is available for download – the link is referenced below.
If you have questions, please contact us at firstname.lastname@example.org
-Michael Miller, CISSP-ISSMP