×

IDMWORKS Blog

Oracle Access Manager (OAM) 11g Auditing Tips


Oracle Access Manager (OAM) 11g Auditing Tips

Let’s say you want to enable auditing with OAM 11g so you can see successful/failed authentication and authorization events. You will commonly see documentation telling you to simply change the Audit Policy settings for your Weblogic domain in Enterprise Manager (see below) to enable OAM auditing.

Oracle Enterprise Manager – Audit Policy

Actually

There’s an additional step that you will need to take to full enable the auditing. Login to the OAM Console and navigate to the System Configuration tab. Choose Common Settings, and under Audit Configuration (see below) you will see an option to enable a Filter.

NOTE – The Filter Preset option defaults to Low, so you’ll need to change it to All to see authentication and authorization events. One more important thing to do is remove any users from the list, otherwise you will only capture events for those users listed.

OAM Console – Audit Configuration

 

NOTE – You’ll have to restart after you make the changed in Enterprise Manager. After the restart, you will find audit events in the IAU_BASE table, and the BI Publisher OAM reports.

Remember, you can find the OAM reports in /oam/server/reports/oam_audit_reports_11_1_1_3_0.zip

Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.

Leave a Reply

Your email address will not be published. Required fields are marked *