← ClaudeAtlas

oracle-dba-security-encryption-auditinglisted

USE THIS SKILL WHENEVER the user mentions Oracle security, auditing, encryption, TDE / Transparent Data Encryption, wallet / keystore / TDE key rotation, ADMINISTER KEY MANAGEMENT, Unified or Standard/traditional auditing, audit policies, AUDIT/NOAUDIT, audit trail / AUD$ / UNIFIED_AUDIT_TRAIL / audit purge, failed-login or security-event review, CIS / STIG / security baseline / hardening, default passwords, privilege analysis (DBMS_PRIVILEGE_CAPTURE) / least privilege / unused privileges, sensitive-data discovery / PII, Data Redaction, Virtual Private Database (VPD / DBMS_RLS / row-level security), Database Vault, Audit Vault & Database Firewall (AVDF), network encryption (TLS / SSL / native / sqlnet.ora), security CVE / Critical Patch Update / datapatch, or errors like ORA-28365 (wallet not open), ORA-46630 / ORA-46658 (keystore), ORA-01017 (bad credential) — EVEN IF they do not name the specific task. Covers audit reporting, security-event review, Unified Audit configuration, bounded audit-trail purge, CIS
Shreyas70773/oracle-dba-agentic-skills · ★ 0 · AI & Automation · score 62
Install: claude install-skill Shreyas70773/oracle-dba-agentic-skills
# Oracle DBA - Security, Encryption & Auditing Auditing (Unified + Standard), security monitoring (failed logins, security events), CIS/STIG baseline assessment & reversible remediation, sensitive-data discovery, privilege analysis (least privilege), CVE/patch-level assessment, and the plan-only Tier-3 security-architecture runbooks (TDE, wallet/keystore, key rotation, network encryption, Data Redaction, VPD, Database Vault, AVDF, CVE patch apply) for Oracle 19c and 23ai (EE; single-instance and Data Guard; on-prem). Everything self-executing is **T1 (observe)** or **T2 (reversible, dry-run-default)**. Every encryption/security **architecture build-out and every CVE patch APPLY is T3** and lives only in `references/runbooks.md` — it prints commands for a human and never self-executes. ## Scope & risk map | Task | Level | Tier | Mechanism (script / sql / runbook path) | Idempotent? | |------|-------|------|------------------------------------------|-------------| | Audit report generation | L1 | T1 | `scripts/checks/audit_report.sh` / `.ps1` + `sql/audit_report.sql` | yes — read-only (emits metrics + findings, never mutates) | | Failed login / security event review | L1 | T1 | `scripts/checks/security_event_review.sh` / `.ps1` + `sql/security_events.sql` | yes — read-only | | Standard / Unified Auditing configuration | L2 | T2 | `scripts/configure_unified_audit.sh` / `.ps1` + `sql/unified_audit_manage.sql` (act) + `sql/unified_audit_status.sql` (pre/post) | yes — enable alr