Oracle Record

action={action}

Specify create, update, delete (using POST) or list (using GET or POST). See List Auth Records for type

echo_request={0|1}

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.

ids={value}

Record IDs to update/delete. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma separated.

title={value}

A title for the record. The title must be unique. Maximum 255 characters (ascii).

comments={value}

User defined comments. Maximum of 1999 characters.

is_template={0|1}

By default, a new record is a regular Oracle record. Specify 1 to create an Oracle system record template. You must also specify login credentials, which are described below. See System created Oracle authentication records.

status={0|1}

The record status, active or inactive. By default, a new record is set to active (1). Set to 0 for inactive record or 1 for active record. (This parameter applies to system created and user created Oracle records. It cannot be specified for Oracle system record templates.)

save_as_user_auth={0|1}

Specify 1 to update a system created record and save it as a user created record. If another Oracle record already exists with the same IP address and target configuration then an error will be returned. (This parameter applies only to system created Oracle records. It cannot be specified for user created Oracle records and it cannot be specified for Oracle system record templates.)

is_cdb={0|1}

Indicates whether the database is a Container Database (CDB). Specify 1 if the database is a CDB or 0 (the default) if the database is not a CDB. When not specified, we'll use is_cdb=0.
Identifying the Oracle database as CDB ensures the right compliance checks are performed for multitenant technologies. Also, when the database is a CDB, we auto-discover all Pluggable Databases (PDBs) within the container environment, and scan them for compliance. This saves you from having to create separate, additional Oracle records for each PDB instance.

When you list Oracle authentication records with details=All or details=Basic, you will see the IS_CDB value in the XML output for each record.

Login Credentials

login_type={basic|vault}

Login type can be basic (default) or vault. Set to vault if a third party vault will be used to retrieve the password. Vault parameters need to be provided in the record.

username={value}

The user account to be used for authentication to the Oracle database. The username may include 1-31 characters (ascii).

password={value}

The password corresponding to the user account defined in the record for authentication. Maximum 100 characters (ascii).

vault_id={value}

The vault ID from where you want to retrieve the password. Certain vaults support this capability.

vault_type={value}

The third party vault to be used to retrieve the password for login. Certain vaults support this capability. View our latest Vault Support Matrix

{vault parameters}

Vault specific parameters required depend on the vault type you've selected. See Vault Parameters

servicename={value}

The Oracle service name that identifies the database instance to be authenticated to. A maximum of 30 characters may be specified.

The parameters sid and servicename cannot be specified in the same request.

port={value}

The port number that the Oracle database instance is running on. When not specified, the “All Ports” option is used and the scanning engine will authenticate to the database instance on each port that the Oracle service is detected on. Ports used for Oracle authentication

These parameters are mutually exclusive: instance and auto_discover_instances=1.

pc_only={0|1}

Specify 1 to perform compliance scans on multiple instances running on host and port combinations in this record. This parameter must be specified if this Oracle record has some host and port combination, which is already defined in another record. Note, however, when pc_only=1 is specified, the record will be used for compliance scans only. When not specified, the record will be used for vulnerability scans and compliance scans.

Target Hosts

ips={value}

Required to create record

The IP address(es) the server will log into using the record’s credentials. Multiple entries are comma separated.

(Optional to update record) IPs specified will overwrite existing IPs in the record, and existing IPs will be removed.

This parameter and the add_ips parameter or the remove_ips parameter cannot be specified in the same request.

add_ips={value}

Add IPs and/or ranges to the IPs list for this record. Multiple IPs/ranges are comma separated.

This parameter and the ips parameter cannot be specified in the same request.

remove_ips={value}

IPs to be removed from your record. You may enter a combination of IPs and ranges. Multiple entries are comma separated.

This parameter and the ips parameter cannot be specified in the same request.

network_id={value}

The network ID for the record.

OS Parameters Windows

OS Parameters are used for compliance scans only.

perform_windows_os_checks={0|1}

Specify 1 to perform OS-dependent compliance checks for the Oracle technology during Windows authenticated compliance scans. These checks are assigned to the control category “Databse Setttings” in the sub-category “DB OS-dependent Controls”.

win_ora_home_name={value}

The Windows Oracle Home name. Example: OraHome1

win_ora_home_path={value}

The Windows Oracle Home path.

Example: c:\Program Files\Oracle\10

win_init_ora_path={value}

The pathname to the Windows init(SID).ora file.

Example: c:\Program Files\oracle\dbs\initORA10.ora

win_spfile_ora_path={value}

The pathname to the Windows spfile(SID).ora file.

Example: c:\Program Files\oracle\network\admin\spfileORA10.ora

win_listener_ora_path={value}

The pathname to the Window listener.ora file.

Example: c:\Program Files\oracle\network\admin\listener.ora

win_sqlnet_ora_path={value}

The pathname to the Windows sqlnet.ora file.

Example: c:\Program Files\oracle\network\admin\sqlnet.ora

win_tnsnames_ora_path={value}

The pathname to the Windows tnsnames.ora file.

Example: c:\ProgramFiles\oracle\network\admin\tnsnames.ora

OS Parameters Unix

OS Parameters are used for compliance scans only.

perform_unix_os_checks={0|1}

Specify 1 to perform OS-dependent compliance checks for the Oracle technology during Unix authenticated compliance scans. These checks are assigned to the control category "Databse Setttings" in the sub-category "DB OS-dependent Controls".

perform_unix_opatch_checks={0|1}

Specify 1 to perform OPatch checks using the OPatch binary to return a list of all installed patches for the Oracle instance.

In a case where perform_unix_os_checks=1 is specified and perform_unix_opatch_checks=0 is specified (or this parameter is not specified), the service checks for patch information from the Oracle database directly; information in the database may not be accurate so the list of installed patches returned by the service also may not be accurate.

unix_ora_home_path={value}

The Unix Oracle Home path.

Example: /usr/opt/oracle/10

unix_init_ora_path={value}

The pathname to the Unix init(SID).ora file.

Example: /usr/opt/oracle/dbs/initORA10.ora

unix_spfile_ora_path={value}

The pathname to the Unix spfile(SID).ora file.

Example: /usr/opt/oracle/network/admin/spfileORA10.ora

unix_listener_ora_path={value}

The pathname to the Unix listener.ora file.

Example: /usr/opt/oracle/network/admin/listener.ora

unix_sqlnet_ora_path={value}

The pathname to the Unix sqlnet.ora file.

Example: /usr/opt/oracle/network/admin/sqlnet.ora

unix_tnsnames_ora_path={value}

The pathname to the Unix tnsnames.ora file.

Example: /usr/opt/oracle/network/admin/tnsnames.ora

unix_invptrloc={value}

The pathname to the Unix oraInst.loc file. Use this parameter to identify a custom inventory for patches.

Example: /usr/opt/oracle/network/admin/oraInst.loc