Over the years some replication vendors have chosen to create proprietary software that reverse engineers the Oracle Database logs to obtain the data within them. Vendors who have chosen this strategy have avoided fully supported utilities and APIs, such as LogMiner, XStream or GoldenGate. 

These 3rd party unsupported, unauthorized binary log readers leave you at risk for: 

  1. Operational Risks for Unplanned Outages – Oracle does not coordinate or collaborate with any 3rd parties on these binary log formats, they can change at any time, in any patch, without notification. Breaking changes could happen at any time. Further, these binary logs typically do not contain all the supplemental metadata about data and transactions that are necessary for reliable data integration use cases. These physical disk logs are only intended for database lifecycle use cases and are not built or maintained to support data integration use cases, therefore they may be missing important datatype information, schema details, encrypted content and sensitive data controls that are necessary for mission-critical solutions.
     
  2. Security & Governance Risks for End User Data – administrative tools that require direct-host (machine and OS level) access to database logs and may require the use of Master Encryption Keys (MEKs), exposure of these private (end user) keys to 3rd parties such as integration vendors, infrastructure providers or systems integrators pose a significant compliance risk for several regulatory policies such as SOC2, Basel, BCBS239 and others. If a vendor who supplies the binary log reader is unable to certify that a specific security patch (of the database, infrastructure or the 3rd party tools) will not expose your private data to unlawful acess or if they advise against staying current with database security patches then someone could be held accountable for purposefully not applying security fixes to protect you and your customer’s data. 
     
  3. Performance, Scale and Cloud Databases – direct disk-based access to the redo logs causes unnecessary I/O issues with limitations on parallelism and compute utilization. These problems are further exacerbated when ASM storage is remotely accessed from cloud hosted bin log readers. Real-world workloads often run 2x-5x faster and handle 3x-10x more data volume when using native XStream APIs or GoldenGate extracts, which are integrated with database internals. Oracle managed cloud databases (e.g. Oracle Base Database Service, Oracle Autonomous Database, Oracle Exadata Cloud Service, and Oracle Exadata Cloud at Customer, Oracle Multicloud Databases) may not be supported by binary log readers. In particular, it is not supported to install 3rd party binary log parsers from Oracle managed cloud hosts. Further, Exadata cloud systems require encrypted tables which are not readable by binary log parsers in Database 19.1 and higher. (without exposing sensitive Master Encryption Keys)
     
  4. Policy Compliance Exposure – Oracle does not authorize any 3rd parties to use the content and structure of the binary redo logs or archive logs from the Oracle Database. The use of 3rd party tools that reverse engineer these logs is unsupported and may be in direct violation of multiple binding agreements between you (licensed customers or partners) and Oracle. For example, the Oracle Master Agreement (General Terms – Section 3, Schedule P – Section 3.2, and Schedule C – Section 3.4) expressly forbids causing or permitting others to reverse engineer data structures of the software, which is how these binary log reader products work.  Additionally, the Oracle Software License Agreement also expressly forbids causing or permitting others to reverse engineer data structures of the software, see section D, 3rd bullet. Before using any of these binary log readers on your databases we recommend checking your signed contracts and agreements.

 

In Conclusion

Using 3rd party products to reverse engineer the Oracle Database redo logs exposes you and your organization to a significant number of risks. These unsupported methods are notoriously inaccurate and the transaction data may or may not be interpreted correctly putting the value of the data itself at risk. 

Oracle provides free APIs for change detection (eg; Logminer, included with Oracle Database licenses and works with all Oracle cloud databases) which are in turn supported commercially by many data integration vendors and open source tools (eg; Debezium) for change data capture (CDC). Oracle also partners with a wide array of 3rd party vendors to bring GoldenGate into multicloud ecosystems (eg; Microsoft and Google) and XStream into modern data integration solutions (eg; Snowflake, Confluent, IBM, SAP etc). And, of course we also provide our own native Oracle GoldenGate and OCI GoldenGate capabilities, which are broadly considered best-of-breed and certainly best for Oracle Databases.

Thus, there are plenty of low-cost and cloud-native ways to get access to fully supported, trusted and reliable change data capabilties from Oracle Database – without having to risk it all using unsupported and untrustworthy binary log readers.