Single script for internal Audit report.

###################################################################################
###
# Author: Sairam Yannam
# Purpose: Single script for internal Audit report.
#
###################################################################################
###

if [ -f /home/$USER/.profile ]; then
. /home/$USER/.profile
fi

if [ -f /home/$USER/.bash_profile ]; then
. /home/$USER/.bash_profile
fi

#TS=$(date "+%Y_%m_%d_%H_%M_%S")
TS="`date '+%Y_%m'_%d_%H_%M_%S`"
mv /tmp/audit_${ORACLE_SID}.txt /tmp/audit_${ORACLE_SID}_${TS}

ebs_audit () {
sqlplus -s "/as sysdba" << !
set auto off echo off feed off
spool /tmp/audit_${ORACLE_SID}.txt
prompt '1. Audit Report from Below Database:'
select instance_name,version from v\$instance;

prompt '**************************************************************'
prompt '**************************************************************'

prompt '2. SYS, SYSTEM, APPS, APPLSYS last password change Time Stamp: '
select name username, ptime password_last_updated from user$ where name in
('SYS','SYSTEM','APPS','APPLSYS');

prompt '**************************************************************'
prompt '**************************************************************'

prompt '3. TIDALORA, SYSADMIN last password change Time Stamp: '
SELECT USER_NAME,LAST_UPDATE_DATE FROM APPS.FND_USER WHERE USER_NAME in
('TIDALORA','SYSADMIN');

prompt '**************************************************************'
prompt '**************************************************************'

prompt '4. DBA Role Granted to below users: '

prompt '**************************************************************'
prompt '**************************************************************'

set pages 600

set lines 200

select db.name, p.grantee, p.granted_role, p.default_role, p.admin_option,

u.account_status, u.default_tablespace, u.created, u.lock_date
from dba_role_privs p, dba_users u, v\$database db
 where p.grantee=u.username and granted_role = 'DBA'
order by p.grantee;

prompt '5. DB Users with account status and profile assigned: '
prompt '**************************************************************'
prompt '**************************************************************'

select distinct USERNAME,ACCOUNT_STATUS,PROFILE from dba_users;

prompt '6. Sysadmin responsibility assigned to users with enddate: '

prompt '**************************************************************'
prompt '**************************************************************'

col USER_NAME for a20

col RESPONSIBILITY_NAME for a40
set pages 600
set lines 200

SELECT fu.user_id, fu.user_name, fur.responsibility_id, fr.responsibility_name,

fu.LAST_LOGON_DATE, fu.start_date, fu.end_date FROM apps.fnd_user fu,
apps.fnd_user_resp_groups fur, apps.fnd_responsibility_vl fr WHERE fu.user_id =
fur.user_id AND fr.application_id = fur.responsibility_application_id AND
fr.responsibility_id = fur.responsibility_id AND TRUNC (SYSDATE) BETWEEN TRUNC
(fr.start_date) AND TRUNC (NVL ((fr.end_date - 1), SYSDATE)) AND TRUNC (SYSDATE)
BETWEEN TRUNC (fur.start_date) AND TRUNC (NVL ((fur.end_date - 1), SYSDATE)) AND
(fr.responsibility_name like '%System%Administrator%' or
fr.responsibility_name='DBD_DSUG') ORDER BY user_name;
exit;
!
echo $ORACLE_SID
}

gbi_audit () {
sqlplus -s "/as sysdba" << !
set auto off echo off feed off
spool /tmp/audit_${ORACLE_SID}.txt
prompt '1. Audit Report from Below Database:'
select instance_name,version from v\$instance;

prompt '**************************************************************'
prompt '**************************************************************'

prompt '2. SYS, SYSTEM, APPS, APPLSYS last password change Time Stamp: '
select name username, ptime password_last_updated from user$ where name in
('SYS','SYSTEM');

prompt '**************************************************************'
prompt '**************************************************************'

prompt '4. DBA Role Granted to below users: '

prompt '**************************************************************'
prompt '**************************************************************'

set pages 600

set lines 200

select db.name, p.grantee, p.granted_role, p.default_role, p.admin_option,

u.account_status, u.default_tablespace, u.created, u.lock_date
from dba_role_privs p, dba_users u, v\$database db
where p.grantee=u.username and granted_role = 'DBA'
order by p.grantee;

prompt '5. DB Users with account status and profile assigned: '
prompt '**************************************************************'
prompt '**************************************************************'

select distinct USERNAME,ACCOUNT_STATUS,PROFILE from dba_users;

exit ;

!
echo $ORACLE_SID
}
grc_audit () {
sqlplus -s "/as sysdba" << !
set auto off echo off feed off
spool /tmp/audit_${ORACLE_SID}.txt
prompt '1. Audit Report from Below Database:'
select instance_name,version from v\$instance;

prompt '**************************************************************'
prompt '**************************************************************'

prompt '2. SYS, SYSTEM, GRCC_USER last password change Time Stamp: '
select name username, ptime password_last_updated from user$ where name in
('SYS','SYSTEM','GRCC_USER');

prompt '**************************************************************'
prompt '**************************************************************'

prompt '3. DBA Role Granted to below users: '

prompt '**************************************************************'
prompt '**************************************************************'

set pages 600

set lines 200

select db.name, p.grantee, p.granted_role, p.default_role, p.admin_option,

u.account_status, u.default_tablespace, u.created, u.lock_date
from dba_role_privs p, dba_users u, v\$database db
where p.grantee=u.username and granted_role = 'DBA'
order by p.grantee;

prompt '4. GRC Application users: '

prompt '**************************************************************'
prompt '**************************************************************'

set lines 180

col name for a20
col first_name for a20
col last_name for a20
SELECT gr.NAME,gr.FIRST_NAME,gr.LAST_NAME,gr.START_DATE,gr.END_DATE, DECODE
(gr.status,'41','INACTIVE','40','ACTIVE')status FROM GRCC_USER.GRC_SEC_USER gr ;
exit;
!
}
ccg_audit () {
sqlplus -s "/as sysdba" << !
set auto off echo off feed off
spool /tmp/audit_${ORACLE_SID}.txt
prompt '1. Audit Report from Below Database:'
select instance_name,version from v\$instance;

prompt '**************************************************************'
prompt '**************************************************************'

prompt '2. SYS, SYSTEM, AMHOME last password change Time Stamp: '
select name username, ptime password_last_updated from user$ where name in
('SYS','SYSTEM','AMHOME');

prompt '**************************************************************'
prompt '**************************************************************'

prompt '3. DBA Role Granted to below users: '

prompt '**************************************************************'
prompt '**************************************************************'

set pages 600

set lines 200

select db.name, p.grantee, p.granted_role, p.default_role, p.admin_option,

u.account_status, u.default_tablespace, u.created, u.lock_date
from dba_role_privs p, dba_users u, v\$database db
where p.grantee=u.username and granted_role = 'DBA'
order by p.grantee;

prompt '4. CCG Application users: '

prompt '**************************************************************'
prompt '**************************************************************'

set lines 180

col USER_NAME for a20
col FULL_NAME for a25
col ORGANIZATION_NAME for a20
select us.user_name,
us.full_name,us.organization_name,us.enabled_flag,us.start_date_active,us.end_date_
active
from amhome.am_users us ;
exit;
!
}

siebel_audit () {
sqlplus -s "/as sysdba" << !
set auto off echo off feed off
spool /tmp/audit_${ORACLE_SID}.txt
prompt '1. Audit Report from Below Database:'
select instance_name,version from v\$instance;

prompt '**************************************************************'
prompt '**************************************************************'

prompt '2. SYS, SYSTEM, APPS, APPLSYS last password change Time Stamp: '
select name username, ptime password_last_updated from user$ where name in
('SYS','SYSTEM','SADMIN','SIEBEL','SIEBFACTS','SIEBCONV','SIEBINT');

prompt '**************************************************************'
prompt '**************************************************************'

prompt '4. DBA Role Granted to below users: '

prompt '**************************************************************'
prompt '**************************************************************'

set pages 600

set lines 200

select db.name, p.grantee, p.granted_role, p.default_role, p.admin_option,

u.account_status, u.default_tablespace, u.created, u.lock_date
from dba_role_privs p, dba_users u, v\$database db
where p.grantee=u.username and granted_role = 'DBA'
order by p.grantee;

prompt '5. DB Users with account status and profile assigned: '
prompt '**************************************************************'
prompt '**************************************************************'

select distinct USERNAME,ACCOUNT_STATUS,PROFILE from dba_users;

exit ;

!
echo $ORACLE_SID
}

COUNT=`echo $USER |grep grc |wc -l`

if [ "$COUNT" = 1 ]
then
. ~/*env
grc_audit
echo $ORACLE_SID
exit 0
fi

COUNT=`echo $USER |grep ccg |wc -l`

if [ "$COUNT" = 1 ]
then
. ~/*env
ccg_audit
echo $ORACLE_SID
exit 0
fi

COUNT=`echo $USER |grep gbi |wc -l`

if [ "$COUNT" = 1 ]
then
gbi_audit
echo $ORACLE_SID
exit 0
fi
COUNT=`echo $USER |grep prod14 |wc -l`
if [ "$COUNT" = 1 ]
then
siebel_audit
echo $ORACLE_SID
exit 0
fi

ebs_audit