Enabling vault access
This feature is available for BMC Helix Operations Management and works with PATROL Agent 23.1 and later.
A vault is a tool designed to control access to sensitive credentials. It can also generate access keys dynamically for specific services or applications.
Vault eliminates hard coded application credentials embedded in applications, configuration files, and allows the sensitive passwords to be centrally stored, logged, and managed within the vault.
PATROL for Oracle Enterprise Database supports using password from vault. When you want to specify credentials while configuring a monitor policy for Oracle Enterprise database , you can use the vault to get the credentials.
PATROL for Oracle Enterprise Database supports the CyberArk vault only.
Before you begin
Enable vault access in PATROL Agent.
For more information, see .
To enable vault access
Add the following pconfig variable to enable vault.
For more information about adding pconfig, see .
/KOE/Oracle/isVaultEnabled = "1", or /KOE/Oracle/<Monitor_TYPE>/isVaultEnabled = "1", or /KOE/Oracle/<Monitor_TYPE>/<ENVIRONMENT_NAME>/isVaultEnabled = "1", or /KOE/Oracle/<Monitor_TYPE>/<ENVIRONMENT_NAME>/<HOST>|<PORT>|<SID>/isVaultEnabled = "1",
You can enable it at the global level, instance level, environment level, and monitor type.
Instance level variable has the highest precedence over other levels. The precedence order is Instance level > environmental level > monitor type > global level.
Following are the examples of different monitor types :
If you are using vault to access the password in BMC Helix Operations Management, enter the query string in the Password and Confirm password field.
Migrating from the existing Oracle authentication process to use vault
Ensure you have enabled the PATROL configuration (pconfig) variables required for vault support. For more information, see
- Edit the monitoring policy created for Oracle enterprise database.
- Search for credentials field and replace the user password with vault query string in the Password and Confirm password field.
- Save the policy.