Skip to main content

Oracle IAM

Details
Content
Dependencies
Version History

Download With Dependencies

A suite of solutions that enables secure user authentication, authorization, identity governance, and access control across enterprise applications and services.

Overview

A robust suite that helps organizations securely manage user identities and control access to critical systems and data. It includes components for authentication, Single Sign-On (SSO), authorization, identity lifecycle management, and federation.

This pack includes

Built-in commands for CRUD (create, read, update, and delete) operations for employee lifecycle processes.
Modeling Rule for Audit Event logs that are ingested via the Broker VM on Cortex XSIAM.
Parsing Rule for timestamp ingestion.
- The ingested Oracle OAM logs can be queried in XQL Search using the oracle_oam_raw dataset.

Supported Timestamp Formats

Ingestion is conducted according to the IAU_TSTZORIGINATING field, in UTC (+0000) format.

Data Collection

Cortex XSIAM side - Broker VM

To create or configure the Broker VM, use the information described here.

Follow the below steps to configure the Broker VM to receive Oracle OAM logs.

Navigate to Settings → Configuration → Data Broker → Broker VMs.
Right-click the broker VM and select DB Collector -> Activate.

When configuring the Database Collector, set:

Parameter	Value
`Rising Column`	Enter IAU_TSTZORIGINATING
`Retrieval value`	Specify the value from where the applet starts querying, e.g; 2025-02-02 10:30:00
`Vendor`	Enter oracle.
`Product`	Enter oam.

You will need to use the information described here.
When configuring the Database Connection the SQL Query should look as follows:

SELECT * FROM <OAM_TABLE>
WHERE IAU_TSTZORIGINATING > ?
ORDER BY IAU_TSTZORIGINATING ASC

Make sure to use the correct value for "Retrieval Value", to match the Rising Column value type.

Integrations

Name	Description
Oracle IAM	Integrate with Oracle's services to execute CRUD and Group operations for employee lifecycle processes.

Integrations

Name	Description
Oracle IAM	Integrate with Oracle's services to execute CRUD and Group operations for employee lifecycle processes.

Modeling Rules

Name	Description
Oracle OAM Modeling Rule

Parsing Rules

Name	Description
Oracle OAM Parsing Rule

1.0.29 - 4155122 (July 13, 2025)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 40489

Download

1.0.28 - 3802487 (June 15, 2025)

Integrations

Oracle IAM

Added support for the 'Preference Center' feature for selected commands.
Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40192

Download

1.0.27 - R3534539 (May 25, 2025)

Integrations

Oracle IAM

Metadata and documentation improvements.

Related pull requests:
- 39078

Download

1.0.26 - R2989425 (March 26, 2025)

Integrations

Oracle IAM

Code functionality improvements.
Updated the Docker image to: demisto/python3:3.11.10.116949.

Related pull requests:
- 38067

Download

1.0.25 - 1718057 (November 28, 2024)

Integrations

Oracle IAM

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.0.24 - R1709192 (November 26, 2024)

Integrations

Oracle IAM

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

1.0.29 - 4155122 (July 13, 2025)

Modeling Rules

New: Oracle OAM Modeling Rule

New: Added a new Modeling Rule- Oracle OAM Modeling Rule that contains an XDM mapping for OAM Audit events.
(Available from Cortex XSIAM v2.6).

Parsing Rules

New: Oracle OAM Parsing Rule

Added a new Parsing Rule- Oracle OAM Parsing Rule that contains timestamp ingestion, using the IAU_TSTZORIGINATING field.
(Available from Cortex XSIAM v2.6).

Related pull requests:
- 40489

Download

1.0.28 - 3802487 (June 15, 2025)

Integrations

Oracle IAM

Added support for the 'Preference Center' feature for selected commands.
Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40192

Download

1.0.27 - R3534539 (May 25, 2025)

Integrations

Oracle IAM

Metadata and documentation improvements.

Related pull requests:
- 39078

Download

1.0.26 - R2989425 (March 26, 2025)

Integrations

Oracle IAM

Code functionality improvements.
Updated the Docker image to: demisto/python3:3.11.10.116949.

Related pull requests:
- 38067

Download

1.0.25 - 1718057 (November 28, 2024)

Integrations

Oracle IAM

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

1.0.24 - R1709192 (November 26, 2024)

Integrations

Oracle IAM

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	September 12, 2021
Last Release	July 13, 2025

Identity And Access Management

Network Security

WORKS WITH THE FOLLOWING INTEGRATIONS:

Oracle IAM

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.