User Permissions for Oracle

For versions of Oracle 10g and later

The following permissions are required for the Oracle user:

  • CREATE SESSION
  • SELECT_CATALOG_ROLE

To create a user with these permissions, you can run the following SQL. In this SQL, change "password" to a safe and secure password, and change the tablespace names, "users" and "temp" to those available in your Oracle instance. 

CREATE USER DBMon_Agent_User IDENTIFIED BY password default tablespace users temporary tablespace temp; GRANT CREATE SESSION, SELECT_CATALOG_ROLE TO DBMon_Agent_User;

where DBMon_Agent_User is the user name under which you run the Database Visibility Agent.

For versions of Oracle 12c and later with Multitenant Container Database Option enabled

The following permissions are required for the Oracle user:

  • CREATE SESSION
  • SELECT_CATALOG_ROLE

To create a user with these permissions, you can run the following SQL. In this SQL, change "password" to a safe and secure password, and change the tablespace names, "users" and "temp" to those available in your Oracle instance. 

CREATE USER C##DBMon_Agent_User IDENTIFIED BY password default tablespace users temporary tablespace temp CONTAINER=ALL; GRANT CREATE SESSION, SELECT_CATALOG_ROLE TO C##DBMon_Agent_User CONTAINER=ALL; ALTER USER C##DBMon_Agent_User QUOTA 100M ON USERS; alter user C##DBMON_AGENT_USER set container_data=all container=current;

Permissions Required for Oracle Explain Plans

To generate an execution plan for a specified query, paste the query text into the Explain another query box. You must provide a plan table in the Splunk AppDynamics monitoring user's schema. You can find a sample output table named PLAN_TABLE in the UTLXPLAN.SQL script. To update or view the plan table, you need INSERT and SELECT privileges. To explain a query, you need access privileges for the tables and views included in that query.

Splunk AppDynamics Database Visibility can generate explain plans within its SQL drill-down window. To enable this functionality, you must have a plan table accessible to the Splunk AppDynamics Database Visibility schema user. You can create this plan table with the following command from sqlplus when logged on as the Splunk AppDynamics Database Visibility user:

Windows:
@?\rdbms\admin\utlxplan.sql
Linux:
@?/rdbms/admin/utlxplan.sql

Permissions for individual views and tables

You can grant permission to individual views and tables even if the SELECT_CATALOG_ROLE permission is not available to your organization.

  1. Execute permissions on dbms_application_info.set_module.
  2. Select permissions on the following privileges:
    • dba_data_files
    • dba_free_space
    • dba_ind_columns
    • dba_indexes
    • dba_objects
    • dba_procedures
    • dba_segments
    • dba_sequences
    • dba_synonyms
    • dba_recyclebin
    • dba_tab_columns
    • dba_tables
    • dba_users
    • dba_views
    • gv$instance
    • gv$containers
    • gv$parametergv$pdbs
    • gv$services
    • v$archive_dest
    • v$archive_dest_status
    • v$con_sysmetric
    • v$database
    • v$datafile
    • v$event_name
    • v$instance
    • v$license
    • v$logv$osstat
    • v$parameter
    • v$processv$rowcache
    • v$session
    • v$sesstat
    • v$session_wait
    • v$sga
    • v$sql
    • v$sql_plan
    • v$sqlstats
    • v$sqltext
    • v$statname
    • v$sysmetric
    • v$sysstat
    • v$system_event
Important: When you are granting access to v$ views, you must grant SELECT on the underlying objects, which are named using the v_$ format, e.g. GRANT SELECT on v_$archive_dest.