- What Is Oracle ReviewLite?
- Why ReviewLite Matters for Compliance
- How Does the ReviewLite Script Work?
- What Data Does ReviewLite Collect?
- Leveraging ReviewLite in ITAM Practices
- Common Pitfalls and Risks Revealed by ReviewLite
- Real-World Scenario
- 8 Expert Recommendations
- Checklist: 5 Actions to Take
- FAQs
White Paper: 10 Hidden Oracle Audit Risks That Could Blindside Your Business
Discover the compliance traps that Oracle's audit scripts most commonly uncover โ and how to address them before Oracle does.
Download White Paper โ1. What Is Oracle ReviewLite?
Oracle ReviewLite is a specialised licence audit script developed by Oracle's License Management Services (LMS) team โ now part of Oracle Global Licensing and Advisory Services (GLAS). It is part of the Oracle LMS Collection Tool suite and is designed specifically for Oracle Database products.
In practice, ReviewLite is an SQL-based script that collects detailed information from all your Oracle database instances. Oracle typically provides this script during audits or ULA certification processes, allowing both Oracle and customers to gather a comprehensive snapshot of how Oracle databases are installed and used across the enterprise.
| Attribute | Detail |
|---|---|
| Purpose | Audits Oracle Database usage; supports ULA certification and formal licence audits |
| Scope | Oracle Database products only โ separate scripts cover WebLogic, EBS, Java, etc. |
| Technology | SQL-based queries run via SQL*Plus or shell script wrapper; read-only (no data changes) |
| Ownership | Proprietary to Oracle โ not publicly downloadable; provided during audits or on request |
| Coverage Required | Must be run on every server with an Oracle Database installation (production, dev, test, DR) |
| Output Format | CSV or text files summarising server info, options usage, processor counts, user data |
Most enterprises first encounter ReviewLite when Oracle delivers an audit notice or when the ULA term is ending. However, you can proactively request it from Oracle to perform a self-assessment of your licence compliance at any time โ and doing so is strongly recommended. For a complete overview of Oracle's audit script suite, see our guide to Oracle LMS Collection Tools.
2. Why ReviewLite Matters for Compliance
Staying compliant with Oracle's licensing terms is a significant concern for enterprises, particularly those with Unlimited Licence Agreements (ULAs) or extensive Oracle deployments. ReviewLite plays a critical role in four key areas:
| Compliance Function | How ReviewLite Helps | Why It Matters |
|---|---|---|
| Transparency | Gathers granular data on users, features used, and system configuration | Identifies discrepancies between actual usage and licence entitlements |
| ULA Certification | Counts processors, users, and features to certify the deployment at ULA end | Maximises perpetual licences you retain; verifies you haven't exceeded scope |
| Audit Defence | Provides the data basis for Oracle's compliance findings in formal audits | Running it proactively lets you spot and fix issues before Oracle's auditors do |
| Cost Avoidance | Identifies use of database options or management packs that incur additional fees | Catching unlicensed Partitioning, Advanced Security, or Diagnostic Pack usage early avoids surprise bills |
It is documented that 98% of technical measurements performed by Oracle LMS uncover some non-compliance outside the ULA scope. This statistic alone should motivate every enterprise to run ReviewLite internally before Oracle does โ so you discover the issues first and can address them on your terms.
For organisations approaching ULA end-of-term, ReviewLite is essential. Oracle uses it to certify the deployment โ counting processors, users, and features so the ULA can be properly quantified. A successful certification ensures you maximise the licences you retain. For detailed guidance, see our article on Oracle ULA Certification: How to Maximise Your Perpetual Entitlement.
White Paper: Oracle Audit Playbook โ 10 Ways to Limit Exposure
Proven strategies to strengthen your position before, during, and after an Oracle licence audit. Practical steps for CIOs and procurement leaders.
Download White Paper โ3. How Does the ReviewLite Script Work?
Oracle ReviewLite operates by running a collection of read-only SQL queries and system checks on each Oracle database instance. It does not change any data or configurations โ it simply queries Oracle's data dictionary and configuration views to extract information relevant to licensing.
When you execute ReviewLite (usually via an Oracle-provided SQL*Plus script or a shell script wrapper), it produces a set of output files โ typically in CSV or text format โ summarising the findings for each database server scanned.
The script is generally safe to run in live environments and can usually be executed during business hours. However, as a best practice, coordinate with your DBA team to run it during off-peak times. Always use the latest version of the script from Oracle to ensure new features or metrics are captured.
4. What Data Does ReviewLite Collect?
| Output Category | What It Contains | Licensing Relevance |
|---|---|---|
| Server & Instance Summary | Hostname, Oracle version/edition, instance names, overall user counts | Identifies every database installation including forgotten dev/test instances |
| Options & Packs Usage | Which options (Partitioning, Advanced Security, Multitenant, etc.) and packs (Diagnostics, Tuning) are installed and whether they've been used | Most common source of compliance gaps โ options often enabled inadvertently |
| Processor & Hardware Data | Number of processors/cores per database server, CPU architecture, hardware details | Critical for processor-based licensing calculations and core factor application |
| Session & User Data | Named users, concurrent sessions, high-watermark metrics (peak usage levels) | Determines Named User Plus compliance and whether minimums are met |
| Configuration Details | RAC settings, virtualisation technology, partitioning configuration, Data Guard setup | VMware or soft-partitioned environments can dramatically expand licensing scope |
| Feature Usage History | First and last dates each feature was used, usage count from DBA_FEATURE_USAGE_STATISTICS | Even brief or accidental usage is flagged โ Oracle considers it licensable |
ReviewLite does not automatically indicate whether you are compliant. It provides the raw technical data. It is up to your ITAM team (and ultimately Oracle's auditors) to interpret those facts against your contracts. This is why independent expert analysis of the output is essential โ Oracle will interpret the data in their favour.
For detailed guidance on reading LMS output files, see our expert guide to Interpreting Oracle LMS Database Script Output.
5. Leveraging ReviewLite in ITAM Practices
For ITAM professionals, Oracle ReviewLite should be viewed as a crucial tool in the toolkit for managing Oracle licences. Here is how to leverage it effectively:
- Run regular internal audits. Don't wait for Oracle to mandate it. Run ReviewLite periodically (at least annually or before any expected Oracle engagement) to identify compliance issues early. Think of it as a "licence health check" for your Oracle databases.
- Ensure complete coverage. Execute the script on every Oracle database instance across all environments โ production, development, test, DR, standby. A common mistake is scanning only known production servers while forgetting a developer-installed database or a DR site. ReviewLite has no automatic discovery โ if you don't run it somewhere, that instance's data won't be collected.
- Combine with SAM tools. The raw output can be voluminous. Feed the output files into Software Asset Management tools or parsing scripts that highlight potential compliance issues. Some SAM tools have built-in support for importing ReviewLite results, saving your team from manually analysing thousands of lines of data.
- Get expert analysis. Have your licensing specialists or an independent Oracle licensing consultancy review the findings. They will know that a flag showing "Oracle Advanced Security used = YES" means you likely need licences for that option on all applicable processors. Experts can distinguish between benign configurations and true licence requirements, and quantify the financial risk.
- Treat the output as sensitive. ReviewLite data is essentially a complete map of your Oracle deployment and any compliance gaps. Review results internally before sharing anything with Oracle. Sending unreviewed output directly to Oracle is handing them your negotiating position.
ReviewLite collects data on all Oracle products in your environment โ not just ULA-covered ones. This means running it at Oracle's request during a ULA certification can expose compliance gaps on products outside the ULA scope. Always run the script internally first and remediate any non-ULA issues before allowing Oracle to see the data. See our guide on ULA Certification strategies for details.
6. Common Pitfalls and Risks Revealed by ReviewLite
Oracle ReviewLite often highlights areas where enterprises unknowingly drift out of compliance. Being aware of these common pitfalls helps you address them proactively:
| Pitfall | What Happens | Impact / Risk |
|---|---|---|
| Unlicensed options used | A database option or pack (e.g., Partitioning, Tuning Pack) is enabled and used without being licensed | Significant unbudgeted fees โ these options cost extra per processor, leading to a hefty compliance bill |
| Incomplete environment scan | Some Oracle instances missed during data collection (script not run on all servers) | Compliance blind spots โ Oracle may later find those instances, causing penalties |
| Ignoring peak usage | Only average usage considered, but ReviewLite logs peak concurrent sessions/users | Under-licensing โ if peaks exceed licensed NUP counts or processor counts, you're non-compliant |
| Outdated script version | Using an old version that doesn't capture newer features or cloud deployments | False sense of compliance โ Oracle's auditors will use the updated tool and catch what you missed |
| Blindly trusting Oracle's analysis | Sending outputs to Oracle without internal review first | Lost negotiating leverage โ if Oracle finds issues you weren't aware of, you're on the back foot |
| Features enabled by default | Fresh Oracle EE installs have Diagnostic Pack enabled by default (CONTROL_MANAGEMENT_PACK_ACCESS = DIAGNOSTIC+TUNING) | Accidental non-compliance โ DBA runs an AWR report without realising it requires a licence |
For more on inadvertent pack usage, see our detailed guide on Oracle Diagnostic Pack and Tuning Pack Licensing.
White Paper: 10 Oracle ULA Negotiation Secrets They'd Rather You Didn't Discover
Insider knowledge on how Oracle structures ULAs, what they don't tell you about certification, and how to negotiate from strength.
Download White Paper โ7. Real-World Scenario
An international retailer ran Oracle ReviewLite six months before their ULA expiration and discovered that Oracle Partitioning was enabled on dozens of databases. This feature was not originally in their ULA scope โ meaning it would have been flagged as a separate compliance gap at certification time.
By uncovering this early, the ITAM team negotiated to include Partitioning in their ULA certification, avoiding an expensive surprise later. Had they waited for Oracle's auditors to find it, they would have faced a much weaker negotiating position and potentially millions in unexpected licence fees.
8. 8 Expert Recommendations
- Run ReviewLite proactively. Don't wait for an Oracle audit notice. Periodically run the script internally to self-assess your Oracle licence compliance. Early detection is far better than scrambling during an audit.
- Inventory all Oracle databases. Maintain a current inventory of every Oracle Database installation โ including those spun up in cloud or test environments. You can only audit what you know about.
- Use the latest tools. Always obtain the latest ReviewLite script from Oracle before running it. Oracle updates these scripts to account for new database versions and options, so an up-to-date tool means more accurate data.
- Analyse results in-house first. Treat the output as sensitive intelligence. Have your ITAM team and DBAs review results internally before sharing anything with Oracle. Investigate any red flags to understand why they exist and plan remediation.
- Engage independent experts. If your team lacks Oracle licensing expertise, involve a third-party Oracle licensing specialist. They can interpret complex output files, distinguish benign flags from real risks, and quantify financial exposure.
- Educate your DBAs and architects. Train database administrators on which features are separately chargeable and should be disabled if not licensed. Simple awareness prevents accidental use of costly options. Set
CONTROL_MANAGEMENT_PACK_ACCESS = NONEon databases without Diagnostic/Tuning Pack licences. - Document everything. Keep records of when and where you ran ReviewLite, and document actions taken as a result (disabling features, purchasing licences). This documentation demonstrates effective licence governance in any discussion with Oracle.
- Plan for ULA certification early. If you have a ULA, use ReviewLite data throughout the ULA period to track deployments. By certification time, you should already know exactly what your usage is and have a strategy โ don't treat it as a last-minute formality. See our ULA Certification guide for detailed planning steps.
9. Checklist: 5 Actions to Take
White Paper: Oracle ULA Missteps Are Draining Your Budget โ Here's How to Fix It
Common ULA certification mistakes, over-renewal traps, and the practical steps to stop budget leakage.
Download White Paper โ๐ก๏ธ Need Help With Oracle Audit Defence or ULA Certification?
Redress Compliance's Oracle advisory team has defended hundreds of Oracle audits and ULA certifications for Fortune 500 companies. We analyse ReviewLite outputs independently, identify compliance risks, quantify financial exposure, and develop strategies to minimise costs โ all with no vendor affiliation.