Observability & Management services to manage a large Oracle Database fleet

Implementing an observability strategy requires collecting IT environment data such as metrics, logs, events, or traces.  Good, solid Observability means using your data and assets wisely so that you can easily predict outages, excessive use of resources, or applications’ poor performance before they happen.

Being proactive is a must in a distributed environment and saving resources is directly correlated with your budget.  OCI Observability & Management (O&M) provides a strategy to make day-to-day activity easier for both DBAs and IT managers. DBAs should be able to provision PDBs, plug/unplug, and create test and dev environments with a click of a button. IT Managers should be able to provide a forecast of the budget based on current resource utilization and trend analysis.

O&M services improve the communication between teams and departments by offering a single pane of glass options to optimize the interaction. It also makes the resources needed evident by correlating costs for each.  Unlike basic monitoring tools, O&M solutions provide the ability to forecast resource utilization and notify customers days before a resource outage. Here is an example of forecasting of CPU usage, across all databases.

Read the complete article by Erika Sciunzi and Sriram Vrindra

How Comcast enhanced monitoring for MySQL InnoDB Clusters

Comcast is a leading global media and technology company providing connectivity, entertainment, sports, news, and experiences to hundreds of millions of customers worldwide. Our DBA team at Comcast has deployed a robust and highly available Oracle Enterprise Manager (EM) infrastructure to provision, patch, monitor, and support our large Oracle Database DBaaS operations. To monitor our Enterprise Edition MySQL databases, we decided to use EM to leverage its highly reliable infrastructure instead of setting up a separate MySQL Enterprise Monitor (MEM) infrastructure.

In this blog, we share our solution of using Metric Extensions to monitor and alert when InnoDB Cluster member nodes are offline or ejected.

A typical MySQL InnoDB Cluster consists of at least three separate MySQL Server nodes. The MySQL InnoDB Cluster uses MySQL Group Replication technologies to provide virtually synchronous replication among cluster member nodes, along with built-in conflict detection or handling and consistency guarantees across all cluster nodes. It also provides features such as automatic membership management, fault tolerance, automatic failover, and so on.

Please read the complete article by Desiree Abrokwa

Oracle Enterprise Manager 13c Release 5 Update 21 (13.5.0.21) is now available

If you have been following the EM releases for a while, you are familiar with Release Updates (RUs). RUs are the agile way to roll out new EM features and bug fixes, you don’t have to wait for a major release. RUs are versioned with a trailing digit indicating the RU version. Note that RUs are cumulative, which means that the most recent RU includes functionality from all previous release updates. Our general recommendation is to apply the most current RU as soon as possible.

Download the latest RU from My Oracle Support:  see the EM 13.5 list of RUs, including plug-ins, in Doc ID 2760230.2 and a complete list of multiple versions of RUs and PSUs in Doc ID 1605609.1 

Read the complete article by Daniella Hansell

Oracle Enterprise Manager 13c Release 5 Update 20 (13.5.0.20) is now available

If you have been following the EM releases for a while, you are familiar with Release Updates (RUs). RUs are the agile way to roll out new EM features and bug fixes, you don’t have to wait for a major release. RUs are versioned with a trailing digit indicating the RU version. Note that RUs are cumulative, which means that the most recent RU includes functionality from all previous release updates. Our general recommendation is to apply the most current RU as soon as possible.

Download the latest RU from My Oracle Support:  see the EM 13.5 list of RUs, including plug-ins, in Doc ID 2760230.2 and a complete list of multiple versions of RUs and PSUs in Doc ID 1605609.1 

Read the complete article by Daniela Hansell

Oracle Cloud Infrastructure Logging Analytics best practices series

Oracle Cloud Infrastructure (OCI) Logging Analytics provides advanced tools for log management and analysis, crucial for cost optimization and insightful decision-making. By adopting strategic practices in data retention and understanding the intricacies of storage pricing, businesses can significantly reduce operational expenses. The service’s suite of features, including Log Parsers and Management Agents, enables the transformation of voluminous log data into valuable insights, aiding in application observability, system monitoring, security enhancement, and regulatory compliance. Leveraging these tools efficiently ensures organizations not only optimize their cloud expenses but also gain a competitive edge through data-driven strategies.

In the following blog series, you’ll be equipped with best practices that not only streamline your operations but also ensure that your use of OCI Logging Analytics is as cost-effective as possible. Let’s embark on this journey to maximize efficiency and optimize costs in the realm of cloud log management.

Read the complete article by Royce Fu

Implement automated risk governance, security compliance, and audit reporting for Oracle Databases

Don’t be so quick to place blame on external bad actors, IT, or a database administrator. Sophisticated cyber-attacks have increased in the past few years, and it’s almost an everyday incident, but can your business rule out that it was not someone on the inside versus the outside?

Loss of sensitive data, stolen credentials, identity theft, loss of privacy, and others can be prevented when businesses modernize their database configuration management and security compliance management practices.

Often in IT organizations, the focus of breach prevention is on external actors, yet the risk from internal actors is just as high. Privilege misuse and stolen credentials are the most common intentional actions by internal actors for malicious reasons according to reports like Verizon’s 2023 Data Breach Investigations Report (DBIR).

To truly secure and prevent unauthorized access to sensitive data, automated database configuration, and patching security assessment to known industry security standards and best practices must be implemented on day one of database deployment.

Oracle Enterprise Manager (EM) publishes industry and regulatory security compliance standards such as Center for Internet Security (CIS) Benchmarks and Department of Defense (DoD) Security Technical Implementation Guides (STIG). Your organization can use or customize them to create specific security controls that align with your company’s security policies.

The Center for Internet Security publishes CIS Critical Security Controls (CSC) to help organizations better defend against known attacks by distilling key security concepts into actionable controls to achieve greater overall cybersecurity defense. To make it easy to effectively implement these Controls, CIS created three Implementation Groups (IGs) – IG1 (essential cyber hygiene), IG2 (additional set of safeguards), and IG3 (secure sensitive and confidential data). The recommendation is for enterprises to at least implement controls in Implementation Group 1 (IG1) to ensure essential cyber hygiene.

Oracle Enterprise Manager CIS Benchmarks, included as part of the Database Lifecycle Management (DBLM) pack, supports more than 100 unique security controls covering all three Implementation Groups (IGs) that encompass:

1. Database parameter settings for listeners and databases
2. Oracle connection and login restrictions
3. Database users to check for default passwords.
4. Privileges, grants, and access control to revoke public and excessive privileges.
5. Audit/Logging policies and procedures.

Read the complete article by Shiva Prasad

Re-platform databases to Oracle Exadata Database Machine or Oracle Exadata Cloud using Migration Workbench

Many Enterprises are in the midst of large-scale digital transformation. Strategic projects involve re-platforming of business-critical Applications and underlying database infrastructure to new generation cloud-based technologies like Oracle Exadata Database Service or Exadata Cloud@Customer, and even to traditional on-premises Exadata Database Machine.

Re-platforming Oracle Databases involves rebuilding databases on upgraded operating systems on new-generation hardware or technology platforms. Re-platforming databases require minimal change to the code structure and ensures no changes in the functionality it provides for existing applications to continue to perform.  This allows a re-platform journey to be confined to end-to-end applications for infrastructure validation and performance analysis with minimal downtime.

The main drivers for re-platforming to new generation Oracle Exadata systems are primarily for consolidation to reduce the overall CapEx, and build out an automated secure environment to lower OpEx and keep data secure with an elevated security posture.

Read the complete article by Rajendra Patil

Reduce Database patching effort and elevate security posture with Enterprise Manager

Oracle Database is a leading relational database in the market. Customers of all sizes leverage its rich capabilities to propel their business-critical applications. Protecting data is foundational and hence keeping databases at an elevated security posture is quintessential.

There are many aspects to keeping databases secure. Applying all recommended security patches promptly, standardizing Oracle Home configurations, and managing elevated privileges are some examples.This blog showcases a process to assess and apply recommended patches at scale.

Unpatched vulnerabilities are the livelihood of many bad actors. Nearly 50% of the breaches are due to unpatched vulnerabilities according to various reports like Verizon’s annual DBIR. Some surveys indicate similar findings due to databases containing known vulnerabilities.

An effective approach to mitigate such risks on unpatched vulnerabilities involves promptly applying security patches. While this might seem straightforward, ensuring patching efficiently is time-consuming, and error-prone and hence often overlooked due to competing business priorities. 

Read the complete article by Romit Acharya

Monitor WebLogic on Kubernetes using Oracle Enterprise Manager

Can Enterprise Manager Cloud Control monitor Oracle WebLogic Server that is set up in the Kubernetes cluster in the Oracle Cloud?

The quick answer to the question is – Yes, Enterprise Manager (EMCC/EM) can monitor WebLogic Server in Oracle Container Engine for Kubernetes (OKE) managed by the WebLogic Kubernetes Operator, for most of the out-of-the-box metrics that come with the Oracle WebLogic management pack enterprise edition license. With the increasing awareness of containerized architecture, this has been a question asked by many WebLogic customers in the past few years, as their interest toward adopting Dockers and Kubernetes continues to grow.

Please read the compete article by Yutaka Takatsu

Oracle Enterprise Manager 13c Release 5 Update 19 (13.5.0.19) is now available

Oracle Enterprise Manager 13.5.0.19 download available on My Oracle Support

Download the latest RU from My Oracle Support:  see the EM 13.5 list of RUs, including plug-ins, in Doc ID 2760230.2 and a complete list of multiple versions of RUs and PSUs in Doc ID 1605609.1 

Read the complete article by Daniela Hansell