Create Oracle DB user for Qualys Scanner

Create User:

CREATE PROFILE "QUALYS_PROFILE" LIMIT
FAILED_LOGIN_ATTEMPTS 3
PASSWORD_GRACE_TIME 10
PASSWORD_REUSE_TIME UNLIMITED
PASSWORD_LIFE_TIME UNLIMITED PASSWORD_REUSE_MAX 1;

CREATE USER "QUALYS_SCAN" PROFILE "QUALYS_PROFILE"
IDENTIFIED BY "<QUALYS_PASSWORD>" DEFAULT TABLESPACE "USERS" ACCOUNT UNLOCK;

CREATE ROLE "QUALYS_ROLE";
GRANT "QUALYS_ROLE" TO "QUALYS_SCAN";

CREATE OR REPLACE VIEW SYS.QUALYS$KSPPCV (ADDR,INDX,
INST_ID,KSPPSTVL,KSPPSTDF,KSPPSTVF,KSPPSTCMNT) AS
SELECT ADDR,INDX,INST_ID,KSPPSTVL,KSPPSTDF,
KSPPSTVF,KSPPSTCMNT
FROM SYS.X$KSPPCV;

CREATE OR REPLACE VIEW SYS.QUALYS$KSPPI AS
SELECT ADDR,INDX,INST_ID,KSPPINM,KSPPITY,KSPPDESC,KSPPIFLG
FROM SYS.X$KSPPI;

GRANT CREATE SESSION TO QUALYS_ROLE;
GRANT SELECT ON GV_$PARAMETER TO QUALYS_ROLE;
GRANT SELECT ON GV_$INSTANCE TO QUALYS_ROLE;
GRANT SELECT ON DBA_USERS TO QUALYS_ROLE;
GRANT SELECT ON QUALYS$KSPPI TO QUALYS_ROLE;
GRANT SELECT ON QUALYS$KSPPCV TO QUALYS_ROLE;
GRANT SELECT ON DBA_PROFILES TO QUALYS_ROLE;
GRANT SELECT ON DBA_TS_QUOTAS TO QUALYS_ROLE;
GRANT SELECT ON DBA_SYS_PRIVS TO QUALYS_ROLE;
GRANT SELECT ON DBA_TAB_PRIVS TO QUALYS_ROLE;
GRANT SELECT ON DBA_ROLES TO QUALYS_ROLE;
GRANT SELECT ON DBA_ROLE_PRIVS TO QUALYS_ROLE;
GRANT SELECT ON PROXY_USERS TO QUALYS_ROLE;
GRANT SELECT ON DBA_ROLLBACK_SEGS TO QUALYS_ROLE;
GRANT SELECT ON V_$LOG TO QUALYS_ROLE;
GRANT SELECT ON V_$LOGFILE TO QUALYS_ROLE;
GRANT SELECT ON DBA_STMT_AUDIT_OPTS TO QUALYS_ROLE;
GRANT SELECT ON DBA_OBJ_AUDIT_OPTS TO QUALYS_ROLE;
GRANT SELECT ON GV_$DATABASE TO QUALYS_ROLE;
GRANT SELECT ON DBA_COL_PRIVS TO QUALYS_ROLE;
GRANT SELECT ON SYS.REGISTRY$HISTORY TO QUALYS_ROLE;
GRANT SELECT ON DBA_TABLES TO QUALYS_ROLE;
GRANT SELECT ON LINK$ TO QUALYS_ROLE;
GRANT SELECT ON V_$ARCHIVE_DEST TO QUALYS_ROLE;
GRANT SELECT ON V_$CONTROLFILE TO QUALYS_ROLE;
GRANT SELECT ON DBA_DATA_FILES TO QUALYS_ROLE;
GRANT SELECT ON DBA_POLICIES TO QUALYS_ROLE;
GRANT SELECT ON DBA_FGA_AUDIT_TRAIL TO QUALYS_ROLE;
GRANT SELECT ON DBA_VIEWS TO QUALYS_ROLE;
GRANT SELECT ON V_$PARAMETER TO QUALYS_ROLE;
GRANT SELECT ON V_$DBLINK TO QUALYS_ROLE;
GRANT SELECT ON DBA_SCHEDULER_JOBS TO QUALYS_ROLE;
GRANT SELECT ON SYS.USER$ TO QUALYS_ROLE;
GRANT SELECT ON DBA_PROXIES TO QUALYS_ROLE;
GRANT SELECT ON DBA_USERS_WITH_DEFPWD TO QUALYS_ROLE;
GRANT EXECUTE ON DBMS_CRYPTO TO QUALYS_ROLE;
GRANT SELECT ON DBA_SCHEDULER_JOBS TO QUALYS_ROLE;

Please follow and like us:

Add a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.