User authentication (Oracle) example

If your site uses Oracle OS authentication, the DB_USER cannot be captured in network traffic and therefore is not logged. For this session-level policy, if the DB_USER is empty, the policy copies the ORACLE_USER name to DB_USER.

  • Session level criteria:
    • Client IP address = 10.10.10.10
    • Server IP address = 20.20.20.20
    • Database type = ORACLE
    • Server port = 1521
  • Rule action: TRANSFORM DB USER
    • Source = OS USER
    • Output format = (.*)

SR language example

SR_POLICIES
{
         IF (CLIENT_IP = '10.10.10.10' SERVER_IP = '20.20.20.20' DB_TYPE = 'ORACLE' SERVER_PORT = 1521) 
        {
                TRANSFORM_DB_USER SOURCE = OS_USER OUTPUT_FORMAT = '(.*)'
        }
}