Oracle Cloud Infrastructure (OCI) Inventory
Overview
The Lacework Console provides visibility into Oracle Cloud Infrastructure (OCI) resources that are integrated with Lacework. A resource can be any entity within the cloud deployment, such as Virtual Machines (Instances), Object Storage, Network, etc.
Use the OCI Resource Inventory to view and monitor in-use OCI resources and configuration changes. Lacework takes regular snapshots of your resources, and you can track configuration changes (diffs) through the Lacework Console.
To access the OCI Resource Inventory page, navigate to Resource Inventory, then select All OCI Resources from the Resource Group drop down.
Supported Resource Types
See OCI Configuration Datasources.
Before you Begin
To populate the OCI Resource Inventory, you must integrate Lacework with your OCI environment.
Resource Summary
Lacework populates this page after at least one OCI integration is configured.
Filters:
- The date/time range filter and any optional filters at top of the page apply to all data displayed on the page.
- If nothing is displayed, consider increasing the date range.
- The column descriptions in the table below also describe the equivalent filters.
Available actions:
- Click Refresh to refresh the table data.
- Click Download to get a CSV file of the table contents.
- Click Select columns to hide or show the set of columns that are displayed in the table.
- Click Search to search for specific content within the table.
The columns / filters on the OCI Resource Inventory page are explained below:
Column / Filter | Description |
---|---|
Resource Name | Displays the name of the OCI resource. Each row in the table represents a resource. Click the name to open the resource’s configuration. |
Service | Displays the OCI service that the resource corresponds to. |
Resource Type | Displays the type of resource. |
Status | Displays the status of data collection from the resource. |
Compartment name | Displays the specific compartment name that the resource type belongs to. |
Compartment ID | Displays the specific compartment identifier that the resource type belongs to. |
Compartment (filter only) | Filter for resources in the selected compartment names/IDs. This filter has a nested view where you can drill down through and select parent/child compartments. |
Region | Displays the region where the resource is located. |
Resource Tags (hidden by default) | Click {...} to view the resource’s tags. |
Recently Updated (24hrs) (hidden by default) | Displays whether there was an update in the last 24 hours. |
Last collected time | Displays the last time data collection was made on the resource. |
Resource Configuration
To view the resource configuration, click a resource name under the Resource Name column.
This page shows the differences between the previous and current configuration of the resource. If the previous configuration for the resource is not found, then only the current configuration is shown.
The following information is shown:
Key | Description |
---|---|
Historical/Latest Configuration | The Lacework generated unique ID for the configuration. If more than two historical configurations exist, click View more to display the Configuration History page. |
Start Time | Displays when data collection started. |
End Time | Displays when data collection ended. |
Changes | A diff of the changes made between the previous and current configuration. |
Available actions:
- Copy the resource name to your clipboard.
- Download the configuration collection details in JSON format.
Configuration History
To open the Configuration History page, click View more below Historical Configuration. This is only available if Lacework has discovered more than two historical configurations on the resource.
Details of the resource are displayed, see Configuration History Resources to compare previous configurations.
Configuration History Resources
Available actions:
- To compare two configurations, select their checkboxes and click Diff configurations.
- Click Refresh to refresh the table data.
- Click Download to get a CSV file of the table contents.
- Click Select columns to hide or show the set of columns that are displayed in the table.
- Click Search to search for specific content within the table.
Each row in the table represents a Lacework generated unique ID for the configuration. The information displayed in the table is explained below:
Column | Description |
---|---|
Configuration | The Lacework generated unique ID for the configuration. Click on the ID to view the configuration. |
Start Time | Displays when data collection started. |
End Time | Displays when data collection ended. |
Asset name (hidden by default) | The Oracle Cloud ID of the resource. |
Status (hidden by default) | Displays the status of data collection from the resource. |
Service (hidden by default) | Displays the OCI service that the resource corresponds to. |
API key (hidden by default) | Displays the OCI API endpoint that was used to gather the data for the configuration change. |
Compartment ID (hidden by default) | Displays the specific compartment identifier that the resource type belongs to. |
Compartment name (hidden by default) | Displays the specific compartment name that the resource type belongs to. |
Parent compartments (hidden by default) | The parent compartment identifiers (if applicable) for the resource configuration. This can include multiple parent and grandparent compartment identifiers to reflect the hierarchical structure of the compartment. |
Resource Type | Displays the type of resource. |
Resource name (hidden by default) | The Oracle Cloud ID of the resource. |
Region (hidden by default) | Displays the region where the resource is located. |
Configuration (hidden by default) | Click {...} to view the configuration. |
Resource Tags (hidden by default) | Click {...} to view the resource’s tags. |
Error type (hidden by default) | The type of error (if applicable) relating to data collection of the resource configuration. |
Error message | The error message (if applicable) relating to data collection of the resource configuration. |
Time Frame for Resource Changes to be Seen
Lacework takes a snapshot of resources on a periodic time frame. Depending on the time that Lacework takes the snapshot, changes may not be captured until up to 24 hours after the changes are made. See the following examples:
- A resource change is made on Monday at 1:00 AM, and Lacework takes a snapshot on Monday at 2:00 AM.
- The snapshot includes the change.
- A resource change is made on Monday at 3:00 AM, but Lacework took a snapshot on Monday at 2:00 AM.
- The snapshot does not include the change.
- The next snapshot on Tuesday at 2:00 AM will capture the change.