Howdy,
Running the DB Health Check on a 12.1.0.2 database, there appears to be some options that could use updating. e.g.:
-- "Hidden Users" returns ORA-1031 without explicit access to SYS.USER$ as of 12.1.
-- "Built in Oracle or 3rd party users with default passwords" also returns ORA-1031 from SYS.USER$ (could use DBA_USERS_WITH_DEFPWD joined to DBA_USERS instead?).
Also, "Tables with > 5% chained rows and > 500 total rows" will not work in a schema where any table has zero rows, instead returning "ORA-01476: divisor is equal to zero".
More importantly, some of the advice also seems outdated, like "Verify audit_trail=NONE/FALSE", with an explanation including "AUDIT_TRAIL = os | db | db_extended | xml | xml_extended results in Oracle collecting instance wide audit trail information, which adds a slight overhead to all database transactions that might be inadvisable for a production database". One would hope any performance concerns would be mitigated by the need to audit security in a Prod DB. There are similar entries for "timed_statistics = FALSE" and others that I think merit a review as well.
It would also be nice to have options for a CDB/PDB installation, Unified Auditing, and other newer Oracle structures.
Thanks!
Rich
