content top

EM13c: SQL Monitoring Raises ORA-06553

After I have installed the EM13c R2, I noticed that I couldn’t access the SQL Monitoring page. I tested the SQL monitoring page for 11g to 12c database targets, and it gave the same error: ORA-06553: PLS-306: wrong number or types of arguments in call to ‘REPORT_SQL_MONITOR_LIST’. As you can guess I hit a bug, good thing is someone else already raised a service request and Oracle released Patch 24914115 to fix the bug. When I examined the patch, I saw that it’s also released for DB Plugin (OMS) 12.1.0.8.161031 Bundle. So if you applied this 161031 bundle for EM13 R1, you probably have the same bug, and you need to apply the patch.

I was planning to say a few words about the poor testing of EM13c releases, but I’m sure everyone already knows it, so I’ll just tell how I applied the Patch 24914115.

First of all, we need to update OPatch (in the Middleware Home) and OMSPatcher. To update OPatch, go to the Patch 6880880, and pick 13.9 release. It’s the OPatch for Enterprise Manager. I don’t think that Oracle Database will have 13.9 release so it seems 13.9 is reserved for Enterprise Manager 13c.

OPatch 13.9 is a different than previous OPatch releases. It comes with an installer. Download “p6880880_139000_Generic.zip”, unzip it to a temporary directory. You’ll see a file named “opatch_generic.jar”. Using JDK of Oracle Middleware Home, run the jar file:

Read More

EM13c: Unauthorized Access to Performance Pages

I noticed an interesting security problem (exploit?) on Oracle Enterprise Manager Cloud Control 13cR2 (I tested on EM13cR1 and it also exists on there). When you create an Enterprise Manager administrator, you need to grant some special privileges to that administrator if you want them to access the performance pages, but it seems there’s an alternative way to access the performance pages without requiring extra privileges.

Let’s say I created a new administrator with default roles (EM_USER and PUBLIC), and granted “Connect Target Read-only” for a target “RAC database”. I also granted access to a named credential or shared database login credentials.

performancemenu

Read More

Oracle Database Cloud Service: Set up Access Rules

I’ve started to test Oracle Database Cloud Services. I applied for trial, it’s accepted (you can also get a trial account, there’s no special requirement for it). After I got my welcome emails, I created a database service. As expected, it was very easy. All I needed is to click a couple of times, enter mandatory information and then wait until my Database is provisioned.

Oracle creates a VM for each database because they provide SSH access to the server. This gives you more power than standard PaaS but I don’t know what happens if you make some modification on the OS level such as upgrading packages, changing kernel settings etc…

Anyway, after I created a Database Service, I wanted to connect to EM but I see that I couldn’t access the page. First, I though it’s a bug, then I remembered our company firewall rules are very strict and it’s related with our firewall, then I noticed that almost all ports (expect SSH) are blocked.

databaseservice

Read More

EM13c: Get List of URLs Monitored by Beacons

When you need to monitor web services, you can use EM beacons. A beacon is a target that allows the EM Agent to remotely monitor services. You can add beacons to any EM agent using “Add Non-Host Targets by Specifying Target Monitoring Properties” option in the Add Targets Manually page. After adding a beacon, you can configure it to fetch a web page and test the status of the service according to the result of the web transaction.

One of my blog reader said that they have a list of URLs and they need to know which beacon server is polling each URL by querying the URL. We need to query four views to get this information: mgmt_targets, mgmt_bcn_target, mgmt_bcn_step_defn, mgmt_bcn_step_props.

Read More

EM13c: Is It Possible to Delete a Job Run with EMCLI?

Enterprise Manager Cloud Control provides a centralized job scheduling system and it’s possible to control it through both web interface and EMCLI. On the other hand, it seems web interface provides more control over the past jobs, for example it’s not possible to delete a job run with EMCLI, while it’s possible to do it on web interface:

deleterun

EMCLI verb “get_jobs” reports all runs of the jobs, and “delete job” can delete job and its all runs but it’s not possible to delete a specific run of a job. For example, if you want to delete hundreds of “failed” (or “skipped”) runs of a job, EMCLI won’t help you and doing it through the web interface will be very time consuming.

Read More
Page 1 of 4112345...Last »
content top