I want to do following task with Splunk:
I want to monitor and audit if a user or customer touches an Oracle Form in a WebServer.
What I need to know is:
Who opened and manipulated an Oracle Form?
What was done/manipulated in the Form?
Follow the transaction path?
For the transaction path, does anybody know if there is a unique ID in Oracle Forms, which can be used to track transactions?
Any feedback and shared experience is highly appreciated.
If you post an example block of logs from the Oracle Forms server, that'll provide a much better starting point for people to try and construct a search.
unfortunately I do not have logfile examples right now.
My question was if somebody has some kind of experience how to trace transactions within Oracle Forms Server or if somebody knows about unique ID's.
I will try to catch some examples and share with you.
While I haven't worked with Oracle Forms I know that alot of other oracle software (OC4J, WebCache, OHS, SOA, etc) utilize something called Execution Context ID (ECID) which is used to track transaction.
I have previously used this for stuff like finding out what request in the access_log generated a specific cluster of errors in the error_log.