Configure the scanner
To configure the Snow Inventory Oracle scanner, use the Oracle element of the agent configuration file, snowagent.config.
The Oracle element has the following contents:
<Oracle enabled="..." debug="...">
<Environment>...</Environment>
<DefaultInstanceCredentials>...</DefaultInstanceCredentials>
<Oratab>...</Oratab>
<InstancesWithConfiguration>...</InstancesWithConfiguration>
<Include>...</Include>
<Exclude>...</Exclude>
<FileSystemSecurityModule>...</FileSystemSecurityModule> (Only applicable to Linux and Unix)
<CommonOSGroup>...</CommonOSGroup> (Only applicable to Linux and Unix)
<UseMixedCredentials>...</UseMixedCredentials>
<EnableEbsScanning>...</EnableEbsScanning> (Only applicable to Linux and Unix)
</Oracle>
Configured elements that are only applicable to Linux and Unix will have no impact on the scanning process in a Windows environment.
Configuration reference
Refer to this section for the complete specifications of the Oracle element.
Oracle
The attributes of the Oracle element are:
Attribute: enabled
Values: true, false
Default: false
To enable the scanner, the attribute must be set to true. The agent will then run the scanner as part of the scanning process.
Attribute: debug
Values: true, false
Default: false
When set to true, the scan will be performed in debug mode. Additional information, such as PL and SQL script outputs in /sios/debug/ will be added to the .snowpack file.
The contents of each child element are specified below.
Environment
Configuration > Oracle > Environment
The element is used for setting default environment variables to be used during the scan. The variables specified here will be used for the instance being scanned if no environment variables have been specified for that specific instance in InstancesWithConfiguration > Instance > Environment.
<Environment>
<Item variable="..." value="..." />
</Environment>
| Element | Description |
|---|---|
| Item | Specifies a single environment variable to be set. Attributes:
|
DefaultInstanceCredentials
Configuration > Oracle > DefaultInstanceCredentials
Specifies the default credentials that will be used to scan databases if no specific credentials for each individual database instance have been specified in Include > Instance > Credentials. Not required if automatic scan is used or if instance-specific credentials have been specified.
To use the credentials in mixed environments, you must also configure the UseMixedCredentials element.
<DefaultInstanceCredentials UseTNS="...">
<UserName>...</UserName>
<Password>...</Password>
</DefaultInstanceCredentials>
Attribute: UseTNS
Values: true, false
When a dedicated user is used for scanning and the attribute is set to true, the Instance SID will be added to the credentials.
| Element | Description |
|---|---|
| UserName | The username of the default credentials. |
| Password | The password of the default credentials. Note: Passwords must be provided in encrypted form. |
Oratab
Configuration > Oracle > Oratab
Specifies the location of the Oratab file to be used to read the ORACLE_HOME directory for a database instance. This setting will be overriden if an instance-specific configuration is specified in Include > Instance or InstancesWithConfiguration > Instance.
<Oratab>...</Oratab>
InstancesWithConfiguration
Configuration > Oracle > InstancesWithConfiguration
Specifies the database instance configuration to use for each individual instance being scanned.
<InstancesWithConfiguration>
<Instance>
<SID>...</SID>
<OracleHome>...</OracleHome>
<Environment>
<Item variable="..." value="..." />
</Environment>
</Instance>
</InstancesWithConfiguration>
| Element | Child element | Description |
|---|---|---|
| Instance | Defines the configuration for a specific database instance. | |
| SID | Required. The System Identifier for the database instance. | |
| OracleHome | Path to the ORACLE_HOME directory. Used if the scanner cannot find the path automatically. | |
| Environment | Child element:
|
Include
Configuration > Oracle > Include
Required. Specifies which database instances will be scanned. By default, AllInstances is set to true, meaning that all instances are selected for scanning.
<Include>
<AllInstances>...</AllInstances>
<Instance>
<SID>...</SID>
<Credentials UseTNS="...">
<UserName>...</UserName>
<Password>...</Password>
</Credentials>
<OracleHome>...</OracleHome>
<Environment>
<Item variable="..." value="..." />
</Environment>
</Instance>
</Include>
| Element | Child element | Description |
|---|---|---|
| AllInstances | N/A | Required. If set to true, all instances are selected for scanning. You can exclude instances from this complete scanning by specifying them in the Exclude element. If set to false, each specific instance to be scanned must be specified in Instance. Values: true, false Default: true |
| Instance | Defines a specific database instance to be included in the scan. | |
| SID | Required when using the Instance element. The System Identifier for the database instance. | |
| Credentials | Attribute: UseTNS Values: true, false When a dedicated user is used for scanning and the attribute is set to true, the Instance SID will be added to the credentials. Child elements:
| |
| OracleHome | Path to the ORACLE_HOME directory. Used if the scanner cannot find the path automatically. | |
| Environment | Child element:
|
Exclude
Configuration > Oracle > Exclude
Specifies which instances to exclude from the Oracle database scan.
This exclusion list applies only if all instances have been selected for scanning under Include, that is, if Include > AllInstances is set to true. If Include > AllInstances is set to false, any configuration under this element will be ignored.
<Exclude>
<Instance>
<SID>...</SID>
</Instance>
</Exclude>
| Element | Child element | Description |
|---|---|---|
| Instance | Defines a specific database instance to be excluded from the scan. | |
| SID | Required. The System Identifier for the database instance. |
FileSystemSecurityModule
Configuration > Oracle > FileSystemSecurityModule
Only applicable to Linux and Unix. Can be used to ensure that the Oracle scanner can successfully run in environments where a security policy changes the OS user’s current working directory (CWD) at logon. Use the value CWD to make the scanner automatically redirect itself back to its temporary working directory after the logon event.
<FileSystemSecurityModule>...</FileSystemSecurityModule>
Values: DEFAULT, CWD
Default: DEFAULT
Detailed description: The scanner creates a temporary working directory that it uses during the scan. If your company has a custom file system security policy that changes the CWD at OS user logon, the user will be moved out of this temporary directory. In the scanner’s default configuration, this will cause the scan to fail.
To allow the scanner to run in environments with such security policies, configure this element with the value CWD. With the configuration, the scanner will automatically navigate from the system's CWD to the correct temporary working directory after the OS user logon.
The configuration should be used when the following circumstances apply:
-
The scanner is executed with full privileges (root).
-
The environment that the scanner is executed on has a custom login script that changes the CWD when using the switch user command (su) under Linux and Unix.
The configuration will not affect the execution of the scanner in a Windows environment.
CommonOSGroup
Configuration > Oracle > CommonOSGroup
Only applicable to Linux and Unix. Can be used to specify a custom DBA group name instead of the default name dba.
<CommonOSGroup>...</CommonOSGroup>
Default: dba
The configuration will not affect the execution of the scanner in a Windows environment.
All operating system users that are running database instances must be members of the group.
UseMixedCredentials
Configuration > Oracle > UseMixedCredentials
Can be used to enable the default credentials specified in DefaultInstanceCredentials to also be used in mixed environments with both container and non-container databases.
<UseMixedCredentials>...</UseMixedCredentials>
Values: true, false
Default: false
Detailed description: Since dedicated database users used for scanning must be created as common users for container databases, with a C## prefix, and as regular users for non-container databases, without a C## prefix, this additional configuration will allow the user defined under DefaultInstanceCredentials to work on both. When enabled, if the scanner cannot connect to the specific database with the configured user, it will try again by adding or removing the C## prefix from the username.
For example, if the DefaultInstanceCredentials element has been configured with the common user C##SNOW and the scanner does not succeed to connect to a database, it will try again with the user SNOW, and vice versa.
This configuration option takes effect only if the DefaultInstanceCredentials element is also configured.
EnableEbsScanning
Configuration > Oracle > EnableEbsScanning
Only applicable to Linux and Unix. Specifies whether the Oracle scanner inventories E‑Business Suite data or not. Inventory is enabled by default. Use the value false to disable E‑Business Suite data inventory.
<EnableEbsScanning>...</EnableEbsScanning>
Values: true, false
Default: true
The inventoried E-Business Suite data can be displayed and managed in the Oracle section of SAM Core on Snow Atlas. The data cannot be used in Snow License Manager.