{"id":518,"date":"2022-01-12T16:47:46","date_gmt":"2022-01-12T15:47:46","guid":{"rendered":"https:\/\/www.dbi-services.com\/blog\/2022\/01\/12\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/"},"modified":"2023-06-20T10:06:51","modified_gmt":"2023-06-20T08:06:51","slug":"oracle-21c-security-diagnostics_control-and-enable-diagnostics","status":"publish","type":"post","link":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/","title":{"rendered":"Oracle 21C Security  : diagnostics_control and enable diagnostics"},"content":{"rendered":"<p><strong>By Mouhamadou Diaw<\/strong><\/p>\n<p>Some debug-events and debug-actions are not safe and should be exposed to users with caution. In previous releases, privilege control for the usage of these diagnostics was not sufficient.<\/p>\n<p>With Oracle 21c, regular users can be blocked from using these diagnostics to better support separation of duty.<\/p>\n<p>Indeed with Oracle 21c, we have a new mechanism to control the debug-events and debug-actions through ALTER SESSION and\/or ALTER SYSTEM. This mechanism is implemented by two new features<br \/>\n-ENABLE DIAGNOSTICS system privilege<br \/>\n-DIAGNOSTICS_CONTROL initialization parameter<\/p>\n<p>Let\u2019s see how these features work<br \/>\nAs the DIAGNOSTICS_CONTROL is set to IGNORE, The default behavior is that every user can perform diagnostic tasks without error if he has ALTER SESSION PRIVILEGE<\/p>\n<div>\n<div id=\"highlighter_311905\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; show parameter diagnostics_control<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql keyword\">NAME<\/code>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 <code class=\"sql plain\">TYPE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 VALUE<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">------------------------------------ ----------- ------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">diagnostics_control\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 string\u00a0\u00a0\u00a0\u00a0\u00a0 <\/code><code class=\"sql keyword\">IGNORE<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>Let\u2019s consider the user EDGE with the following privileges<\/p>\n<div>\n<div id=\"highlighter_104681\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt;\u00a0 <\/code><code class=\"sql keyword\">select<\/code> <code class=\"sql plain\">privilege <\/code><code class=\"sql keyword\">from<\/code> <code class=\"sql plain\">dba_sys_privs <\/code><code class=\"sql keyword\">where<\/code> <code class=\"sql plain\">GRANTEE=<\/code><code class=\"sql string\">'EDGE'<\/code><code class=\"sql plain\">;<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">PRIVILEGE<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">----------------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql keyword\">CREATE<\/code> <code class=\"sql keyword\">TABLE<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql keyword\">ALTER<\/code> <code class=\"sql plain\">SESSION<\/code><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql keyword\">CREATE<\/code> <code class=\"sql plain\">SESSION<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><\/div>\n<div class=\"line number9 index8 alt2\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>The user EDGE can execute following query<\/p>\n<div>\n<div id=\"highlighter_19391\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<div class=\"line number11 index10 alt2\">11<\/div>\n<div class=\"line number12 index11 alt1\">12<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; show con_name<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">CON_NAME<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">PDB1<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql plain\">SQL&gt; show <\/code><code class=\"sql color2\">user<\/code><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql color2\">USER<\/code> <code class=\"sql keyword\">is<\/code> <code class=\"sql string\">\"EDGE\"<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><code class=\"sql plain\">SQL&gt; <\/code><code class=\"sql keyword\">ALTER<\/code> <code class=\"sql plain\">SESSION <\/code><code class=\"sql keyword\">SET<\/code> <code class=\"sql plain\">EVENTS <\/code><code class=\"sql string\">'10046 trace name context forever, level 8'<\/code><code class=\"sql plain\">;<\/code><\/div>\n<div class=\"line number9 index8 alt2\"><\/div>\n<div class=\"line number10 index9 alt1\"><code class=\"sql plain\">Session altered.<\/code><\/div>\n<div class=\"line number11 index10 alt2\"><\/div>\n<div class=\"line number12 index11 alt1\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>Let\u2019s now set the DIAGNOSTICS_CONTROL to WARNING<\/p>\n<div>\n<div id=\"highlighter_507736\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; <\/code><code class=\"sql keyword\">alter<\/code> <code class=\"sql plain\">system <\/code><code class=\"sql keyword\">set<\/code> <code class=\"sql plain\">diagnostics_control=WARNING;<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">System altered.<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">SQL&gt; show parameter diagnostics_control<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql keyword\">NAME<\/code>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 <code class=\"sql plain\">TYPE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 VALUE<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><code class=\"sql comments\">------------------------------------ ----------- ------------------------------<\/code><\/div>\n<div class=\"line number9 index8 alt2\"><code class=\"sql plain\">diagnostics_control\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 string\u00a0\u00a0\u00a0\u00a0\u00a0 WARNING<\/code><\/div>\n<div class=\"line number10 index9 alt1\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>And let\u2019s retry the SET EVENTS action with the user EDGE<\/p>\n<div>\n<div id=\"highlighter_687840\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<div class=\"line number11 index10 alt2\">11<\/div>\n<div class=\"line number12 index11 alt1\">12<\/div>\n<div class=\"line number13 index12 alt2\">13<\/div>\n<div class=\"line number14 index13 alt1\">14<\/div>\n<div class=\"line number15 index14 alt2\">15<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; show con_name<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">CON_NAME<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">PDB1<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql plain\">SQL&gt; show <\/code><code class=\"sql color2\">user<\/code><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql color2\">USER<\/code> <code class=\"sql keyword\">is<\/code> <code class=\"sql string\">\"EDGE\"<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<div class=\"line number9 index8 alt2\"><\/div>\n<div class=\"line number10 index9 alt1\"><\/div>\n<div class=\"line number11 index10 alt2\"><code class=\"sql plain\">SQL&gt; <\/code><code class=\"sql keyword\">ALTER<\/code> <code class=\"sql plain\">SESSION <\/code><code class=\"sql keyword\">SET<\/code> <code class=\"sql plain\">EVENTS <\/code><code class=\"sql string\">'1357 trace name context forever, level 2'<\/code><code class=\"sql plain\">;<\/code><\/div>\n<div class=\"line number12 index11 alt1\"><\/div>\n<div class=\"line number13 index12 alt2\"><code class=\"sql plain\">Session altered.<\/code><\/div>\n<div class=\"line number14 index13 alt1\"><\/div>\n<div class=\"line number15 index14 alt2\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>The action is executed but we have an entry in database alert log<\/p>\n<div>\n<div id=\"highlighter_300474\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">2022-01-12T12:56:22.136454+01:00<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><code class=\"sql plain\">PDB1(3):<\/code><code class=\"sql color2\">User<\/code> <code class=\"sql string\">'EDGE'<\/code> <code class=\"sql plain\">has <\/code><code class=\"sql keyword\">set<\/code> <code class=\"sql plain\">the following debug-event(s) <\/code><code class=\"sql keyword\">on<\/code> <code class=\"sql plain\">the event-<\/code><code class=\"sql keyword\">group<\/code> <code class=\"sql string\">'session'<\/code><code class=\"sql plain\">:<\/code><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">PDB1(3):<\/code><code class=\"sql string\">'1357 trace name context forever, level 2'<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql plain\">PDB1(3):<\/code><code class=\"sql keyword\">To<\/code> <code class=\"sql plain\">disable such messages, refer <\/code><code class=\"sql keyword\">to<\/code> <code class=\"sql plain\">documentation about parameter <\/code><code class=\"sql string\">'diagnostics_control'<\/code><code class=\"sql plain\">.<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>Now let\u2019s put the DIAGNOSTICS_CONTROL to ERROR<\/p>\n<div>\n<div id=\"highlighter_755053\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; <\/code><code class=\"sql keyword\">alter<\/code> <code class=\"sql plain\">system <\/code><code class=\"sql keyword\">set<\/code> <code class=\"sql plain\">diagnostics_control=ERROR;<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">System altered.<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">SQL&gt; show parameter diagnostics_control<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql keyword\">NAME<\/code>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 <code class=\"sql plain\">TYPE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 VALUE<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><code class=\"sql comments\">------------------------------------ ----------- ------------------------------<\/code><\/div>\n<div class=\"line number9 index8 alt2\"><code class=\"sql plain\">diagnostics_control\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 string\u00a0\u00a0\u00a0\u00a0\u00a0 ERROR<\/code><\/div>\n<div class=\"line number10 index9 alt1\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>And let\u2019s try again the SET EVENTS action with the user EDGE<\/p>\n<div>\n<div id=\"highlighter_930321\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<div class=\"line number11 index10 alt2\">11<\/div>\n<div class=\"line number12 index11 alt1\">12<\/div>\n<div class=\"line number13 index12 alt2\">13<\/div>\n<div class=\"line number14 index13 alt1\">14<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; show con_name<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">CON_NAME<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">PDB1<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql plain\">SQL&gt; show <\/code><code class=\"sql color2\">user<\/code><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql color2\">USER<\/code> <code class=\"sql keyword\">is<\/code> <code class=\"sql string\">\"EDGE\"<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><code class=\"sql plain\">SQL&gt; <\/code><code class=\"sql keyword\">ALTER<\/code> <code class=\"sql plain\">SESSION <\/code><code class=\"sql keyword\">SET<\/code> <code class=\"sql plain\">EVENTS <\/code><code class=\"sql string\">'1357 trace name context forever, level 2'<\/code><code class=\"sql plain\">;<\/code><\/div>\n<div class=\"line number9 index8 alt2\"><code class=\"sql plain\">ERROR:<\/code><\/div>\n<div class=\"line number10 index9 alt1\"><code class=\"sql plain\">ORA-01031: insufficient <\/code><code class=\"sql keyword\">privileges<\/code><\/div>\n<div class=\"line number11 index10 alt2\"><code class=\"sql plain\">ORA-49100: Failed <\/code><code class=\"sql keyword\">to<\/code> <code class=\"sql plain\">process event statement [1357 trace <\/code><code class=\"sql keyword\">name<\/code> <code class=\"sql plain\">context forever,<\/code><\/div>\n<div class=\"line number12 index11 alt1\"><code class=\"sql keyword\">level<\/code> <code class=\"sql plain\">2]<\/code><\/div>\n<div class=\"line number13 index12 alt2\"><\/div>\n<div class=\"line number14 index13 alt1\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>We can see that the statement is not executed and that we get an error.<\/p>\n<p>We can conclude than using the parameter DIAGNOSTICS_CONTROL, we can control which users can perform diag events. One can see following in <a href=\"https:\/\/docs.oracle.com\/en\/database\/oracle\/oracle-database\/21\/refrn\/DIAGNOSTICS_CONTROL.html#GUID-FEE54A94-D0AD-4337-AA63-5F63953DC667\" target=\"_blank\" rel=\"noopener\"> Oracle documentation<\/a><\/p>\n<p><em>ERROR: If a user who does not have the SYSDBA or ENABLE DIAGNOSTICS privilege attempts to enable a diagnostic, then the attempt will fail and an ORA-01031: insufficient privileges error appears.<br \/>\nWARNING: A user who does not have the SYSDBA or ENABLE DIAGNOSTICS privilege will be able to enable a diagnostic, but a warning message is written to an alert log. The warning message is similar to the following:<br \/>\nIGNORE: The user can perform the diagnostic task without any error messages appearing. This setting is the default.<\/em><\/p>\n<p>But how if I want to set the parameter to ERROR and want to allow some non-DBA users to perform diag events? Just grant them the new system privilege ENABLE DIAGNOSTICS.<br \/>\nLet do a test.<\/p>\n<div>\n<div id=\"highlighter_698057\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<div class=\"line number11 index10 alt2\">11<\/div>\n<div class=\"line number12 index11 alt1\">12<\/div>\n<div class=\"line number13 index12 alt2\">13<\/div>\n<div class=\"line number14 index13 alt1\">14<\/div>\n<div class=\"line number15 index14 alt2\">15<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt;\u00a0 <\/code><code class=\"sql keyword\">select<\/code> <code class=\"sql plain\">privilege <\/code><code class=\"sql keyword\">from<\/code> <code class=\"sql plain\">dba_sys_privs <\/code><code class=\"sql keyword\">where<\/code> <code class=\"sql plain\">GRANTEE=<\/code><code class=\"sql string\">'EDGE'<\/code><code class=\"sql plain\">;<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">PRIVILEGE<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">----------------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">ENABLE DIAGNOSTICS<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql keyword\">CREATE<\/code> <code class=\"sql keyword\">TABLE<\/code><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql keyword\">ALTER<\/code> <code class=\"sql plain\">SESSION<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><code class=\"sql keyword\">CREATE<\/code> <code class=\"sql plain\">SESSION<\/code><\/div>\n<div class=\"line number9 index8 alt2\"><\/div>\n<div class=\"line number10 index9 alt1\"><code class=\"sql plain\">SQL&gt; show parameter diagnostics_control<\/code><\/div>\n<div class=\"line number11 index10 alt2\"><\/div>\n<div class=\"line number12 index11 alt1\"><code class=\"sql keyword\">NAME<\/code>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 <code class=\"sql plain\">TYPE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 VALUE<\/code><\/div>\n<div class=\"line number13 index12 alt2\"><code class=\"sql comments\">------------------------------------ ----------- ------------------------------<\/code><\/div>\n<div class=\"line number14 index13 alt1\"><code class=\"sql plain\">diagnostics_control\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 string\u00a0\u00a0\u00a0\u00a0\u00a0 ERROR<\/code><\/div>\n<div class=\"line number15 index14 alt2\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>And now let\u2019s do a diag event<\/p>\n<div>\n<div id=\"highlighter_238179\" class=\"syntaxhighlighter  sql\">\n<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"gutter\">\n<div class=\"line number1 index0 alt2\">1<\/div>\n<div class=\"line number2 index1 alt1\">2<\/div>\n<div class=\"line number3 index2 alt2\">3<\/div>\n<div class=\"line number4 index3 alt1\">4<\/div>\n<div class=\"line number5 index4 alt2\">5<\/div>\n<div class=\"line number6 index5 alt1\">6<\/div>\n<div class=\"line number7 index6 alt2\">7<\/div>\n<div class=\"line number8 index7 alt1\">8<\/div>\n<div class=\"line number9 index8 alt2\">9<\/div>\n<div class=\"line number10 index9 alt1\">10<\/div>\n<div class=\"line number11 index10 alt2\">11<\/div>\n<div class=\"line number12 index11 alt1\">12<\/div>\n<div class=\"line number13 index12 alt2\">13<\/div>\n<\/td>\n<td class=\"code\">\n<div class=\"container\">\n<div class=\"line number1 index0 alt2\"><code class=\"sql plain\">SQL&gt; show con_name<\/code><\/div>\n<div class=\"line number2 index1 alt1\"><\/div>\n<div class=\"line number3 index2 alt2\"><code class=\"sql plain\">CON_NAME<\/code><\/div>\n<div class=\"line number4 index3 alt1\"><code class=\"sql comments\">------------------------------<\/code><\/div>\n<div class=\"line number5 index4 alt2\"><code class=\"sql plain\">PDB1<\/code><\/div>\n<div class=\"line number6 index5 alt1\"><code class=\"sql plain\">SQL&gt; show <\/code><code class=\"sql color2\">user<\/code><\/div>\n<div class=\"line number7 index6 alt2\"><code class=\"sql color2\">USER<\/code> <code class=\"sql keyword\">is<\/code> <code class=\"sql string\">\"EDGE\"<\/code><\/div>\n<div class=\"line number8 index7 alt1\"><\/div>\n<div class=\"line number9 index8 alt2\"><code class=\"sql plain\">SQL&gt; <\/code><code class=\"sql keyword\">ALTER<\/code> <code class=\"sql plain\">SESSION <\/code><code class=\"sql keyword\">SET<\/code> <code class=\"sql plain\">EVENTS <\/code><code class=\"sql string\">'1357 trace name context forever, level 2'<\/code><code class=\"sql plain\">;<\/code><\/div>\n<div class=\"line number10 index9 alt1\"><\/div>\n<div class=\"line number11 index10 alt2\"><code class=\"sql plain\">Session altered.<\/code><\/div>\n<div class=\"line number12 index11 alt1\"><\/div>\n<div class=\"line number13 index12 alt2\"><code class=\"sql plain\">SQL&gt;<\/code><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p>As now EDGE has the privilege ENABLE DIAGNOSTICS, he can perform diag events even if the DIAGNOSTICS_CONTROL is set to ERROR.<\/p>\n<h3>Conclusion<\/h3>\n<p>This new feature can be very useful to limit the users who can perform diag actions. More information can be found in the <a href=\"https:\/\/docs.oracle.com\/en\/database\/oracle\/oracle-database\/21\/refrn\/DIAGNOSTICS_CONTROL.html#GUID-FEE54A94-D0AD-4337-AA63-5F63953DC667\" target=\"_blank\" rel=\"noopener\"> Oracle documentation<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Mouhamadou Diaw Some debug-events and debug-actions are not safe and should be exposed to users with caution. In previous releases, privilege control for the usage of these diagnostics was not sufficient. With Oracle 21c, regular users can be blocked from using these diagnostics to better support separation of duty. Indeed with Oracle 21c, we [&hellip;]<\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[229,198,59],"tags":[136,137,138,25],"type_dbi":[],"class_list":["post-518","post","type-post","status-publish","format-standard","hentry","category-database-administration-monitoring","category-database-management","category-oracle","tag-diagnostic","tag-oracle-21c","tag-oracle-21c-new-features","tag-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Oracle 21C Security : diagnostics_control and enable diagnostics - dbi Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Oracle 21C Security : diagnostics_control and enable diagnostics\" \/>\n<meta property=\"og:description\" content=\"By Mouhamadou Diaw Some debug-events and debug-actions are not safe and should be exposed to users with caution. In previous releases, privilege control for the usage of these diagnostics was not sufficient. With Oracle 21c, regular users can be blocked from using these diagnostics to better support separation of duty. Indeed with Oracle 21c, we [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-12T15:47:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-20T08:06:51+00:00\" \/>\n<meta name=\"author\" content=\"Oracle Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Oracle Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\"},\"author\":{\"name\":\"Oracle Team\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee\"},\"headline\":\"Oracle 21C Security : diagnostics_control and enable diagnostics\",\"datePublished\":\"2022-01-12T15:47:46+00:00\",\"dateModified\":\"2023-06-20T08:06:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\"},\"wordCount\":421,\"commentCount\":0,\"keywords\":[\"Diagnostic\",\"Oracle 21C\",\"Oracle 21c New features\",\"Security\"],\"articleSection\":[\"Database Administration &amp; Monitoring\",\"Database management\",\"Oracle\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\",\"name\":\"Oracle 21C Security : diagnostics_control and enable diagnostics - dbi Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\"},\"datePublished\":\"2022-01-12T15:47:46+00:00\",\"dateModified\":\"2023-06-20T08:06:51+00:00\",\"author\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.dbi-services.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Oracle 21C Security : diagnostics_control and enable diagnostics\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee\",\"name\":\"Oracle Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g\",\"caption\":\"Oracle Team\"},\"url\":\"https:\/\/www.dbi-services.com\/blog\/author\/oracle-team\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Oracle 21C Security : diagnostics_control and enable diagnostics - dbi Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/","og_locale":"en_US","og_type":"article","og_title":"Oracle 21C Security : diagnostics_control and enable diagnostics","og_description":"By Mouhamadou Diaw Some debug-events and debug-actions are not safe and should be exposed to users with caution. In previous releases, privilege control for the usage of these diagnostics was not sufficient. With Oracle 21c, regular users can be blocked from using these diagnostics to better support separation of duty. Indeed with Oracle 21c, we [&hellip;]","og_url":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/","og_site_name":"dbi Blog","article_published_time":"2022-01-12T15:47:46+00:00","article_modified_time":"2023-06-20T08:06:51+00:00","author":"Oracle Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Oracle Team","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/"},"author":{"name":"Oracle Team","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee"},"headline":"Oracle 21C Security : diagnostics_control and enable diagnostics","datePublished":"2022-01-12T15:47:46+00:00","dateModified":"2023-06-20T08:06:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/"},"wordCount":421,"commentCount":0,"keywords":["Diagnostic","Oracle 21C","Oracle 21c New features","Security"],"articleSection":["Database Administration &amp; Monitoring","Database management","Oracle"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/","url":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/","name":"Oracle 21C Security : diagnostics_control and enable diagnostics - dbi Blog","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"datePublished":"2022-01-12T15:47:46+00:00","dateModified":"2023-06-20T08:06:51+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee"},"breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/oracle-21c-security-diagnostics_control-and-enable-diagnostics\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Oracle 21C Security : diagnostics_control and enable diagnostics"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/66ab87129f2d357f09971bc7936a77ee","name":"Oracle Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f711f7cd2c9b09bf2627133755b569fb5be0694810cfd33033bdd095fedba86d?s=96&d=mm&r=g","caption":"Oracle Team"},"url":"https:\/\/www.dbi-services.com\/blog\/author\/oracle-team\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/518","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=518"}],"version-history":[{"count":3,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/518\/revisions"}],"predecessor-version":[{"id":26123,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/518\/revisions\/26123"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=518"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=518"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=518"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=518"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}