Introduction
Omega DB Scanner App for Splunk integrates the Omega DB Scanner software solutions with the Splunk SIEM system.
The assessed security posture of your Oracle databases delivered to Splunk enables storage of your scans results in a central location, visualization and quick access of scan data history; and the assessment of the former can be performed from the graphical interface of our App running on the commodity of the Splunk system.
The Omega DB Scanner App for Splunk provides an Executive, Security Analysts and Operational view of the security posture of the enterprise’s Oracle databases derived from the DATAPLUS solutions.
What’s new in 1.5.0?
1. Real item scan date delivered to Splunk SIEM highlighted
Splunk field _TIME is now provided with the target database scanned vulnerability real date and time (in UTC format).
2. Health by Severity Dashboard Day based highlighted
In the main form Dashboard, the Health by Severity Dashboard has changed from “SCAN_ID” based to date time “Day” based.
3. Scan Compare initialized via Submit button
In the forms Scan Compare, the comparison is now invoked manually by the Submit button introduced.
4. New Scan Summary dashboards added to main forms
Scan Summary dashboard added to forms Dashboard and Scan Data. Comparison Summary dashboard added to form Scan Compare.
5. Full-free-search on Scan Content
In the form Scan Content there is no more need to complete either the Control Summary or the Control Output to retrieve results.
Fixed issues in 1.5.0
Searching has been improved in regard to performance.
Known issues in 1.5.0
Issue 1:
Slave (*) Dropdowns are not cleared of the old choice when master changes. This issue is present in forms “Scan Data” and “Scan Compare”. Slave Dropdown value must be completed manually * in the meaning that “slave” dropdown options are populated depended on the choice made on the “master”.
Issue 2:
Memo-type string field Control Output does not preserve Enter/New Lines characters (which are present) when displayed in Splunk. However the formatting is preserved when seen as raw event!