I am setting up a connection from our Splunk test instance (single server, v7.1.2) so that I can use DB Connect (v3.1.3) to pull data from Oracle Audit Vault (OAV). We've created an account in OAV for this and we can log into OAV using that account. I have configured DB Connect to use that same account as the Identity but when I try to save the configuration for the connection string (Configuration > Connection > Settings) with the correct host name, port and database. I've tried using both "Oracle" and "Oracle Service" as the connection type.
Splunk Answers provided several references to other Oracle issues and one did seem like mine -- Splunk DB Connect: How to connect to Oracle DB? I tried what was suggested but it too did not work.
No matter what I try, I get the following error message:
Database connection OAV is invalid
IO Error: The Network Adapter could not establish the connection
There is nothing more in the Splunk logs about this than this same message and the call to get the Identity info. We have not found any error messages (yet) in the Oracle logs. The only thing I can think of that is causing this is:
- There is a firewall between our Splunk server and the OAV server.
We're checking on that.
- For some reason, the network adapter is rejecting our requests.
Not sure how that would happen, but it was suggested by another team member. IDK
Has anyone experienced something like this and what was done to resolve the issue? Does anyone have any suggestions of what else to look for or other considerations that we have overlooked?
