Oracle DB

This page contains the setup guide and reference information for Oracle DB.

Features

Feature	Supported?
Full Refresh Sync	Yes
Incremental Sync - Append	Yes
SSH Tunnel Connection	Yes
Namespaces	Yes - Enabled by default

The Oracle source does not alter the schema present in your database. Depending on the destination connected to this source, however, the schema may be altered. See the destination's documentation for more details.

Prerequisites

Oracle 11g or above
Allow connections from Daspire to your Oracle database (if they exist in separate VPCs)
Create a dedicated read-only Daspire user with access to all tables needed for replication (Optional, recommended)

Setup guide

1. Make sure your database is accessible from the machine running Daspire

This is dependent on your networking setup. The easiest way to verify if Daspire is able to connect to your Oracle instance is via the check connection tool in the UI.

2. Create a dedicated read-only user with access to the relevant tables

This step is optional but highly recommended to allow for better permission control and auditing. Alternatively, you can use Daspire with an existing user in your database.

To create a dedicated database user, run the following commands against your database:

CREATE USER daspire IDENTIFIED BY <your_password_here>;
GRANT CREATE SESSION TO daspire;

Next, grant the user read-only access to the relevant tables. The simplest way is to grant read access to all tables in the schema as follows:

GRANT SELECT ANY TABLE TO daspire;

Or you can be more granular:

GRANT SELECT ON "<schema_a>"."<table_1>" TO daspire;
GRANT SELECT ON "<schema_b>"."<table_2>" TO daspire;

Your database user should now be ready for use with Daspire.

3. Include the schemas Daspire should look at when configuring the Oracle source.

Case sensitive. Defaults to the upper-cased user if empty. If the user does not have access to the configured schemas, no tables will be discovered.

Connection via SSH Tunnel

Daspire has the ability to connect to a Oracle instance via an SSH Tunnel. The reason you might want to do this because it is not possible (or against security policy) to connect to the database directly (e.g. it does not have a public IP address).

When using an SSH tunnel, you are configuring Daspire to connect to an intermediate server (a.k.a. a bastion sever) that does have direct access to the database. Daspire connects to the bastion and then asks the bastion to connect directly to the server.

Using this feature requires additional configuration, when creating the source. We will talk through what each piece of configuration means.

Configure all fields for the source as you normally would, except SSH Tunnel Method.
SSH Tunnel Method defaults to No Tunnel (meaning a direct connection). If you want to use an SSH Tunnel choose SSH Key Authentication or Password Authentication.
i. Choose Key Authentication if you will be using an RSA private key as your secret for establishing the SSH Tunnel (see below for more information on generating this key).
ii. Choose Password Authentication if you will be using a password as your secret for establishing the SSH Tunnel.
SSH Tunnel Jump Server Host refers to the intermediate (bastion) server that Daspire will connect to. This should be a hostname or an IP Address.
SSH Connection Port is the port on the bastion server with which to make the SSH connection. The default port for SSH connections is 22, so unless you have explicitly changed something, go with the default.
SSH Login Username is the username that Daspire should use when connection to the bastion server. This is NOT the Oracle username.
If you are using Password Authentication, then SSH Login Username should be set to the password of the User from the previous step. If you are using SSH Key Authentication leave this blank. Again, this is not the Oracle password, but the password for the OS-user that Daspire is using to perform commands on the bastion.
If you are using SSH Key Authentication, then SSH Private Key should be set to the RSA Private Key that you are using to create the SSH connection. This should be the full contents of the key file starting with -----BEGIN RSA PRIVATE KEY----- and ending with -----END RSA PRIVATE KEY-----.

Generating an SSH Key Pair

The connector expects an RSA key in PEM format. To generate this key:

ssh-keygen -t rsa -m PEM -f myuser_rsa

This produces the private key in pem format, and the public key remains in the standard format used by the authorized_keys file on your bastion host. The public key should be added to your bastion host to whichever user you want to use with Daspire. The private key is provided via copy-and-paste to the Daspire connector configuration screen, so it may log in to the bastion.

Encryption options

Daspire has the ability to connect to the Oracle source with 3 network connectivity options:

Unencrypted the connection will be made using the TCP protocol. In this case, all data over the network will be transmitted in unencrypted form.
Native network encryption gives you the ability to encrypt database connections, without the configuration overhead of TCP / IP and SSL / TLS and without the need to open and listen on different ports. In this case, the SQLNET.ENCRYPTION_CLIENT option will always be set as REQUIRED by default: The client or server will only accept encrypted traffic, but the user has the opportunity to choose an Encryption algorithm according to the security policies he needs.
TLS Encrypted (verify certificate) - if this option is selected, data transfer will be transfered using the TLS protocol, taking into account the handshake procedure and certificate verification. To use this option, insert the content of the certificate issued by the server into the SSL PEM file field

Data type mapping

Oracle Type	Daspire Type
`binary_double`	`number`
`binary_float`	`number`
`blob`	`string`
`char`	`string`
`char(3 char)`	`string`
`clob`	`string`
`date`	`string`
`decimal`	`number`
`float`	`number`
`float(5)`	`number`
`integer`	`number`
`interval year to month`	`number`
`long raw`	`number`
`number`	`number`
`number(6, 2)`	`number`
`nvarchar`	`string`
`raw`	`string`
`timestamp`	`string`
`timestamp with local time zone`	`string`
`timestamp with time zone`	`string`
`varchar2`	`string`
`varchar2(256)`	`string`
`xmltype`	`string`

NOTE: If you do not see a type in this list, assume that it is coerced into a string.

Troubleshooting

Max number of tables that can be synced at a time is 6,000. We advise you to adjust your settings if it fails to fetch schema due to max number of tables reached.

Oracle DB

Features​

Prerequisites​

Setup guide​

1. Make sure your database is accessible from the machine running Daspire​

2. Create a dedicated read-only user with access to the relevant tables​

3. Include the schemas Daspire should look at when configuring the Oracle source.​

Connection via SSH Tunnel​

Generating an SSH Key Pair​

Encryption options​

Data type mapping​

Troubleshooting​