What is an Oracle middleware evidence file?
An Oracle middleware evidence file is a maintained record of your entitled edition, the options and packs in genuine use, and how each instance was obtained, so a finding can be met with documented facts rather than reconstructed under deadline. It is the middleware equivalent of the deployment inventory that defends a database estate, and it exists for one reason: an auditor who finds a feature configured will treat it as licensable until you prove otherwise, and proof is far easier to present than to assemble from scratch in a few weeks.
The evidence file sits inside the standing compliance discipline described in the Oracle license compliance guide. It turns the question of what you use from an argument into a fact, which is precisely what shifts the burden back where it belongs.
The evidence file is not paperwork for its own sake. It is the difference between conceding a finding because you cannot disprove it and rejecting it because you can show what is actually in use.
What should a middleware evidence file contain?
A middleware evidence file should contain your ordering documents and entitled edition, a domain by domain map of configured options, evidence of production use versus mere installation, provenance for each component, and the environment each instance runs in. The structure matters because each element answers a question an auditor will ask. The ordering documents fix what you own. The domain map shows where each feature lives. The use evidence separates a configured but idle option from one relied on in production. The provenance record settles the free question for components such as Oracle HTTP Server, where the answer turns on how the instance arrived, as covered in Oracle HTTP Server and the free question.
Building the file is also a detection exercise, because you cannot document what you have not found. The methods for locating every WebLogic and Fusion Middleware instance are set out in detecting middleware deployments, and the option level detail that the file must record is in middleware options and packs.
| Element | What it records | Question it answers |
|---|---|---|
| Ordering documents | Entitled edition and quantity | What do we own |
| Domain map | Options configured per domain | Where does each feature live |
| Use evidence | Production use versus install | What is genuinely relied upon |
| Provenance | How each component was obtained | Is it free or licensable |
| Environment | Production, development or test | Does it count |
What your edition includes and which components are licensable is contract dependent and set by your ordering documents and Oracle Master Agreement. The evidence file records the facts, but the conclusions must be read against your specific terms.
Why build a middleware evidence file before an audit?
You build a middleware evidence file before an audit because the response window is only 30 to 45 days, and a record assembled calmly in advance is far stronger than one pieced together under pressure. When the letter arrives, the clock starts, and an estate without an evidence file spends most of the window simply working out what it has rather than building a defensible position. Missing provenance and unclear use evidence are routinely resolved against the customer, so the gaps you leave become the auditor's findings.
The discipline is the same calm preparation that defines a good audit response generally. The file should be a living record, refreshed whenever the estate changes, so that it is current on the day it is needed rather than a snapshot that has aged.
A worked example of the evidence file at work
Consider an estate that receives a middleware finding claiming clustering and a management pack across the full processor count. The team with no evidence file spends three weeks reconstructing what runs where and concedes most of the claim because it cannot disprove ongoing use. The team with an evidence file responds in days: the file shows clustering confined to two production domains, the management pack accessed once during a configuration review with no monitoring data since, and a development domain excluded as non production. The defensible exposure is a fraction of the opening number, and the response is documented rather than argued.
Your next step
A middleware evidence file is the cheapest insurance against an inflated finding, and the best time to build it is before any letter arrives. An independent buyer side review builds the file for your estate, fixes your entitled edition, and records the use and provenance that turn a finding into a documented fact. Get a quote to have us inventory your middleware, build the evidence file, and confirm your defensible position against any finding already on the table. The license compliance review service covers exactly this work, and you can reach us through the contact page.
Get a quote to build your middleware evidence file before an audit. Start at the contact page, or read the full Oracle license compliance guide.