Comcast is a leading global media and technology company providing connectivity, entertainment, sports, news, and experiences to hundreds of millions of customers worldwide. Our DBA team at Comcast has deployed a robust and highly available Oracle Enterprise Manager (EM) infrastructure to provision, patch, monitor, and support our large Oracle Database DBaaS operations. To monitor our Enterprise Edition MySQL databases, we decided to use EM to leverage its highly reliable infrastructure instead of setting up a separate MySQL Enterprise Monitor (MEM) infrastructure.
In this blog, we share our solution of using Metric Extensions to monitor and alert when InnoDB Cluster member nodes are offline or ejected.
A typical MySQL InnoDB Cluster consists of at least three separate MySQL Server nodes. The MySQL InnoDB Cluster uses MySQL Group Replication technologies to provide virtually synchronous replication among cluster member nodes, along with built-in conflict detection or handling and consistency guarantees across all cluster nodes. It also provides features such as automatic membership management, fault tolerance, automatic failover, and so on.
If you have been following the EM releases for a while, you are familiar with Release Updates (RUs). RUs are the agile way to roll out new EM features and bug fixes, you don’t have to wait for a major release. RUs are versioned with a trailing digit indicating the RU version. Note that RUs are cumulative, which means that the most recent RU includes functionality from all previous release updates. Our general recommendation is to apply the most current RU as soon as possible.
Download the latest RU from My Oracle Support: see the EM 13.5 list of RUs, including plug-ins, in Doc ID 2760230.2 and a complete list of multiple versions of RUs and PSUs in Doc ID 1605609.1
If you have been following the EM releases for a while, you are familiar with Release Updates (RUs). RUs are the agile way to roll out new EM features and bug fixes, you don’t have to wait for a major release. RUs are versioned with a trailing digit indicating the RU version. Note that RUs are cumulative, which means that the most recent RU includes functionality from all previous release updates. Our general recommendation is to apply the most current RU as soon as possible.
Download the latest RU from My Oracle Support: see the EM 13.5 list of RUs, including plug-ins, in Doc ID 2760230.2 and a complete list of multiple versions of RUs and PSUs in Doc ID 1605609.1
Oracle Cloud Infrastructure (OCI) Logging Analytics provides advanced tools for log management and analysis, crucial for cost optimization and insightful decision-making. By adopting strategic practices in data retention and understanding the intricacies of storage pricing, businesses can significantly reduce operational expenses. The service’s suite of features, including Log Parsers and Management Agents, enables the transformation of voluminous log data into valuable insights, aiding in application observability, system monitoring, security enhancement, and regulatory compliance. Leveraging these tools efficiently ensures organizations not only optimize their cloud expenses but also gain a competitive edge through data-driven strategies.
In the following blog series, you’ll be equipped with best practices that not only streamline your operations but also ensure that your use of OCI Logging Analytics is as cost-effective as possible. Let’s embark on this journey to maximize efficiency and optimize costs in the realm of cloud log management.
Don’t be so quick to place blame on external bad actors, IT, or a database administrator. Sophisticated cyber-attacks have increased in the past few years, and it’s almost an everyday incident, but can your business rule out that it was not someone on the inside versus the outside?
Loss of sensitive data, stolen credentials, identity theft, loss of privacy, and others can be prevented when businesses modernize their database configuration management and security compliance management practices.
Often in IT organizations, the focus of breach prevention is on external actors, yet the risk from internal actors is just as high. Privilege misuse and stolen credentials are the most common intentional actions by internal actors for malicious reasons according to reports like Verizon’s 2023 Data Breach Investigations Report (DBIR).
To truly secure and prevent unauthorized access to sensitive data, automated database configuration, and patching security assessment to known industry security standards and best practices must be implemented on day one of database deployment.
Oracle Enterprise Manager (EM) publishes industry and regulatory security compliance standards such as Center for Internet Security (CIS) Benchmarks and Department of Defense (DoD) Security Technical Implementation Guides (STIG). Your organization can use or customize them to create specific security controls that align with your company’s security policies.
The Center for Internet Security publishes CIS Critical Security Controls (CSC) to help organizations better defend against known attacks by distilling key security concepts into actionable controls to achieve greater overall cybersecurity defense. To make it easy to effectively implement these Controls, CIS created three Implementation Groups (IGs) – IG1 (essential cyber hygiene), IG2 (additional set of safeguards), and IG3 (secure sensitive and confidential data). The recommendation is for enterprises to at least implement controls in Implementation Group 1 (IG1) to ensure essential cyber hygiene.
Oracle Enterprise Manager CIS Benchmarks, included as part of the Database Lifecycle Management (DBLM) pack, supports more than 100 unique security controls covering all three Implementation Groups (IGs) that encompass:
Database parameter settings for listeners and databases
Oracle connection and login restrictions
Database users to check for default passwords.
Privileges, grants, and access control to revoke public and excessive privileges.
Many Enterprises are in the midst of large-scale digital transformation. Strategic projects involve re-platforming of business-critical Applications and underlying database infrastructure to new generation cloud-based technologies like Oracle Exadata Database Service or Exadata Cloud@Customer, and even to traditional on-premises Exadata Database Machine.
Re-platforming Oracle Databases involves rebuilding databases on upgraded operating systems on new-generation hardware or technology platforms. Re-platforming databases require minimal change to the code structure and ensures no changes in the functionality it provides for existing applications to continue to perform. This allows a re-platform journey to be confined to end-to-end applications for infrastructure validation and performance analysis with minimal downtime.
The main drivers for re-platforming to new generation Oracle Exadata systems are primarily for consolidation to reduce the overall CapEx, and build out an automated secure environment to lower OpEx and keep data secure with an elevated security posture.
Oracle Database is a leading relational database in the market. Customers of all sizes leverage its rich capabilities to propel their business-critical applications. Protecting data is foundational and hence keeping databases at an elevated security posture is quintessential.
There are many aspects to keeping databases secure. Applying all recommended security patches promptly, standardizing Oracle Home configurations, and managing elevated privileges are some examples.This blog showcases a process to assess and apply recommended patches at scale.
Unpatched vulnerabilities are the livelihood of many bad actors. Nearly 50% of the breaches are due to unpatched vulnerabilities according to various reports like Verizon’s annual DBIR. Some surveys indicate similar findings due to databases containing known vulnerabilities.
An effective approach to mitigate such risks on unpatched vulnerabilities involves promptly applying security patches. While this might seem straightforward, ensuring patching efficiently is time-consuming, and error-prone and hence often overlooked due to competing business priorities.
Can Enterprise Manager Cloud Control monitor Oracle WebLogic Server that is set up in the Kubernetes cluster in the Oracle Cloud?
The quick answer to the question is – Yes, Enterprise Manager (EMCC/EM) can monitor WebLogic Server in Oracle Container Engine for Kubernetes (OKE) managed by the WebLogic Kubernetes Operator, for most of the out-of-the-box metrics that come with the Oracle WebLogic management pack enterprise edition license. With the increasing awareness of containerized architecture, this has been a question asked by many WebLogic customers in the past few years, as their interest toward adopting Dockers and Kubernetes continues to grow.
Oracle Enterprise Manager 13.5.0.19 download available on My Oracle Support
Download the latest RU from My Oracle Support: see the EM 13.5 list of RUs, including plug-ins, in Doc ID 2760230.2 and a complete list of multiple versions of RUs and PSUs in Doc ID 1605609.1
Large Language Models (LLM’s) and Generative AI systems are rapidly evolving. For the developer, a Generative AI system enables peer programming where the peer is an expert in programming languages, analytics, data modelling, documentation, unit testing and much more. This article explores the use of Oracle APEX and Large Language Models for Text to SQL translation, a common task for every APEX developer. Given a question (in text or spoken form), the Generative AI system is tasked to come up with an Oracle SQL statement that “implements” the question given by the developer. The developer might then want to validate and test or further modify the SQL statement for their needs.
What's cooking at Oracle - Rob Zoeteweij 