Skip navigation

Thanks to the OMC team I received my own OMC trial environments to set up some experiments. Looking through the OMC I saw some familiar components such as synthetic tests, and here and there some components that are used in  Oracle RUEI.

The possibilities are huge in OMC, which I will discuss in a later stage, but something I wanted to try out was if  I could create a mechanism to detect if a hackers collective was trying to break into a web applications by using some sort of a password attack.

 

My ingredients:

  • An Oracle Java Cloud Service containig a WebLogic 12c domain, hosting Web applications
  • An Oracle Management Cloud subscription, with the following components:
    • Application Performance management
    • Log Analytics
    • IT Analytics
    • Infrastructure Monitoring

 

Setup the basic needs

Before you can use the OMC some basic steps need to be done. These steps contain:

  • Install the APM agent
  • Install the Cloud agent
  • Enable and register the agents on my JCS environment to the OMC

 

Install the APM Agent

Of course, there is no agent software package, so first of all the software needs to be downloaded. The basic script can be downloaded from you OMC environment:

The script you can place on the servers of your JCS instance, in my case: the database, WebLogic and Oracle Traffic Director

 

After unzipped, the agent download can begin:

Cloud agent:

Java APM Agent:

The registration keys you can obtain in OMC, in the Administration TAB.

 

Then you enter the stage locations and install the agents

./AgentInstall.sh AGENT_TYPE=apm_java_as_agent AGENT_REGISTRATION_KEY=***************************** AGENT_BASE_DIR=/u01/app/oracle/tools/paas/state/homes/oracle/omc_cloud_agent  -staged
./AgentInstall.sh AGENT_TYPE=cloud_agent AGENT_REGISTRATION_KEY=************************* AGENT_BASE_DIR=/u01/app/oracle/tools/paas/state/homes/oracle/omc_cloud_agent  -staged

 

Adding the entities

Oracle provides JSON files for every type of environment which you can use to add your environment specifics to OMC, my example for JCS:

{
    "entities":
[
{
        "name":"QJCS01_server_1",
        "type":"omc_weblogic_j2eeserver",
        "displayName":"QJCS01 Managed Server 1 ",
        "timezoneRegion":"CET",
        "properties":{
                "host_name":
                        {"displayName":"Weblogic Host","value":"qjcs01-wls-1.compute-gse00003036.oraclecloud.internal"},
                "domain_home":
                        {"displayName":"Domain Home","value":"/u01/data/domains/QJCS01_domain"},
                "listen_port":
                        {"displayName":"Listen Port","value":"9073"},
                "listen_port_enabled":
                        {"displayName":"Listen Port Enabled","value":"true"},
                "ssl_listen_port":
                        {"displayName":"SSL Listen Port","value":"9074"},
"server_names":
{"displayName":"Server Names","value":"QJCS01_server_1"}
        },
        "associations":[
                { "assocType":"omc_monitored_by",
                  "sourceEntityName":"QJCS01_d_server_1",
                  "sourceEntityType":"omc_weblogic_j2eeserver",
                  "destEntityName":"QJCS01_domain",
                  "destEntityType":"omc_weblogic_domain"}
        ]
}
]

Together with a JSON credential file you can add all to OMC:

u01/app/oracle/tools/paas/state/homes/oracle/omc_cloud_agent/agent_inst/bin/omcli add_entity agent /u01/app/oracle/tools/paas/state/homes/oracle/omc_cloud_agent/my_entities/qjcs01_domain.json -credential_file cred.json

 

I repeated these steps for my Database and Traffic Director, using their specific JSON files.

 

After adding the entities, you need to provision the APM agent using the script from your APM stage directory:

./ProvisionApmJavaAsAgent.sh -d /u01/data/domains/QJCS01_domain -no-wallet

 

And add  the APM jars to the domain, in the startWebLogic.sh( and restart the WebLogic domain)

 

JAVA_OPTIONS="${JAVA_OPTIONS} -javaagent:${DOMAIN_HOME}/apmagent/lib/system/ApmAgentInstrumentation.jar"
SAVE_JAVA_OPTIONS="${JAVA_OPTIONS}"

 

If all goes OK, you can see your agents being registered in OMC:

 

Now the basic steps are finished. As you click through the OMC, loads of information is already generated from your JCS instance

 

Log Analytics - detect a pattern

 

Now a simple use case: I wanted to discover if users try either unauthenticated(HTTP 401) or unauthorized(HTTP403) access a webapplication. I deployed a simple web application, and some users with different roles, to be able to test with it.

Some users had more permissions than others, so I could test between them.

Second, I wanted a huge load of performing these actions:

  • Accessing the webpage, try to login and do some action ( legal or illegal ).
  • Or try to login with a wrong password

 

For this I created a simple JMeter script to access the webpage and login, and the action within the session, which was an task to close an office, which was only permitted with someone with the managers role

 

I let this script run continuously, to generate the data I needed

 

 

Using  log analytics

A first step to make use of log analytics is that I analyzed the access logs, which gave a clear view of the loads of HTTP 401 and 403 errors.

Now these can happen on every website, and there should be nothing to worry about, but in this case,  a large volume of these errors passed, so this cannot be a mistake or a human error,

I clicked on the log analytics, selected the WebLogic domain which runs in the cloud, and selected in the pie chart the access logs

Then, In the left tab, the field Security Result

 

 

Note that denied count is very high. Next step was to save this search, and very cool was that I could create an alert out of it.

 

And I recieved a mailt with this specific alert, and one at the time the JMeter test had stopped, as that the alert had been cleared

 

Now this is a very first basic step I used OMC to detect hostile actions, so next time I will dive more deeper into all the great features!

This years Community organized by Oracle for it's partners took place in Split, Croatia, a very nice Mediterranean area, which we encountered during the city tour on Tuesday evening.

However, we did not came just for the fun, but to meet and greet other partners, share and absorb knowledge which is evident for companies to serve their customers, explore new technologies and methods, and have a sneak peak in another partners " kitchen", in a week of 5 days program: 1-3 General sessions, 4-5 Handson Workshops, Partner Awards and some networking events. Partners attended from all over the world: EMEA, US, Latin America, Down Under

 

The forum, formerly known as Oracle Fusion Middleware Partner forum has been “ lifted and shifted “ to the Cloud – PaaS the last years, so the focus of the content during this week was all about Oracle's Cloud products, but someone who pays good attention, can also extract the deeper content out of it, to what is useful for ones personally.

For me, I had a double role: of course attend and do knowledge sharing and absorbing for the company I'm into, but also tell something about the successful Oracle Process Cloud implementation my company did in 2016. A lot of these success stories, about developing technologies based on the cloud we're held on Monday during the so-called ACE Sessions.

 

As the forum already indicates, it was all about PaaS, and the presented content was done by VPs, directors and Product Managers from Oracle such as Vikas Anand, Robert Wunderlich and Jean-Marc Gottero. But also the partners had some interesting presentations, presenting about their solutions in all kinds of areas in the Oracle Cloud. The presentations handled about the following topics:

  • Agile DevOps
    • Handled about the DevOps Agility and methodology, and how the Oracle Developer Cloud fulfill a role in bringing  " DevOps"  uptp speed for a software company.
  • API APIPCS and API Management
    • A very interesting subject all about API and the Cloud Services, where all the benefits of APIs and management were brought, such as better security and protection, monitoring, discovery, the new Apiary platform. Also an overview of the existing and coming features; the API firewall caught my attention, and also the monitoring capacities, where I can see great capabilities in combination with  OMC (author sidenote).
  • ICS
    • A session about best practices around implementing integration patterns using ICS, with a clear mind about when to use ICS, and to see that ICS has an overlap with many other PaaS platforms, which is to be expected from an integration point of view Interesting was the topic about exposing databases using REST
  • IoT
    • Apart from the role IoT is already playing nowadays, it is also interesting to see how the combination and integration with cloud fits in, such as the Asset Monitoring Cloud Service where connected devices can be monitored by their location, performance, health and utilization. A very good use case about a companies production floor where every asset is being watched so that any disturbance in the production line can be detected in an early stage.
  • JCS
    • "WebLogic Server in the cloud" has become more mature with all the features you also use when running on premise, but a  lot of work is aready done for you. An overview of the tooling, the DevOps integration and methodologies are embraced as expected by the JCS. Important to know that a lot of the on premise multitenancy features are also available in JCS, and tools and methods to transfer your on premise WebLogic server to the cloud using the DPCT tool.
  • OMC
    • The Oracle Management Cloud has a lot of cool features such as Application Performance monitoring, Log Analytics for trouble shooting, performance analysis, and some other great features like end customer experiences by performing synthetic tests which can absorbe recorded actions users do ( these are some great features from RUEI)
  • PCS
    • PCS - Qualogys sucessfull implementation in the Netherlands. In thr months before I had some discussions with Jurgen and the PCS team but finally we decided I would be the spokesmen to tell  a short overview of what we have been doing

Our customer is a lower/ midsize municipality in the Netherlands and had a lack of insight in personnel manpower, and because of this the onboarding of new personell got stuck. New personnel got  registered in  different systems using different methods, even on an Excel spreadsheet. The Management information was very poor, no relationship between budgets and manpower, and there we're differences between systems regarding financial budgets and accountability.

 

To overcome this we build this solution using the Oracle Process Cloud, working togehther with Qualogy's Forceview HRM solution in the cloud

The PCS team constructed one process to:

  • Register all staff data into one system
  • One uniform way of informing the organization when there are changes
  • Good  quality and coherent management information

 

And all done by:

  • Having no delay in rolling it out
  • Having direct contact with the business about wishes and requirements
  • Using Oracle Process Cloud Service and Qualogy ’s Forceview

 

Screenshot of the PCS environment:

 

 

 

I also told this in a video interview which will soon be published on Oracle's Youtube channel, I keep you updated about that!