This note describes the process of granting the AVDF_ADM user the AV_SENSITIVE database role and executing the Sensitive Data report via the AVDF console.
Execute the av_sensitive_role script
Connect via SSH to the Audit Vault server as the support user
login as: support
Audit Vault Server 220.127.116.11.0
DO NOT CHANGE ANY CONFIGURATIONS IN Audit Vault Server APPLIANCE WITHOUT GUIDANCE FROM
ORACLE SUPPORT. ANY CHANGES SHOULD BE TRACEABLE TO APPROPRIATE SR REFERENCE.
Last login: Mon Mar 22 15:08:06 2021 from 192.168.56.100
[support@dbav ~]$ su - root
Last login: Mon Mar 22 15:08:27 UTC 2021 on pts/0
Last failed login: Tue Mar 23 07:17:11 UTC 2021 on pts/0
There was 1 failed login attempt since the last successful login.
[root@dbav ~]# su - oracle
Last login: Tue Mar 23 04:45:42 UTC 2021
The Oracle base has been set to /var/lib/oracle
[oracle@dbav ~]$ cd /usr/local/dbfw/bin
[oracle@dbav bin]$ python av_sensitive_role grant AVDF_ADM
Role granted successfully
Select the target and click on Sensitive Objects
Note: the CSV file has been created via DBSAT which identifies the tables and columns with sensitive data
Connect as AVDF_AUD
Run Sensitive Data report
These are the tables and associated columns which are deemed to contain data sensitive in nature.