Omega Core Audit for Oracle App for Splunk integrates Omega Core Audit - another DATAPLUS product - with Splunk.
The Omega Core Audit deployments monitor and protect the Oracle databases and deliver the generated security events
on user-defined schedule to your Splunk server!
Omega Core Audit features built-in support for delivering security events to Splunk using the later's TCP Data Input to upload records; security events can also be retrieved by Splunk DB Connect.
Omega Core Audit for Oracle App for Splunk ingests security event records generated and delivered exclusively by
the Omega Core Audit software solution only.
To download Omega Core Audit solution, please visit:
Omega Core Audit App for Splunk User Guide is provided in file Omega_CA_Splunk App_User_Guide.txt as part of the .spl install. To get the PDF version of this guide, please visit:
and go to the tab Resources.
Oracle Database security solutions
New in 1.8.0
Pulling security events from Omega Core Audit with Splunk DB Connect App is now supported.
New Alerts dashboard as app's main.
Creation of Index omega_ca is removed from Install Package.
Creation of TCP Data Input is removed from Install Package.
Unified Audit Trail renamed to Security Events Trail
Fix on large message ingest.
What's new in 1.0.0?
This is the first release of Omega Core Audit App for Splunk.
Fixed issues in 1.0.0
Known issues in 1.0.0
The default ALL choice of the (search) Extra Options will not get auto-completed when no choice made in the multi-select; it must be selected manually for panels to return data.
Changing the (search) Extra Options Operator will not trigger a search in the dashboards panels; only the change on the Extra Options drop-down will do. You need to provoke the Change event manually - for example by selecting and unselecting the ALL option.
Policy Type option Administrative missing in respective drop-down input on form Unified Audit Trail.
1. Open the form for edit
2. Locate the drop-down input named "field_policy_type"
3. Add a new fifth value of choice after the first existing four, as below:
4. save the form
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.