Installed Policy domain

Description of policy parameters and rules for the installed policy. The Installed Policy domain supports multiple policies and multiple actions per rule. This topic describes the domain's entities and attributes.

Available to roles: all

Installed Policy entity

Describes the installed policy.

Attribute Description
Audit Pattern Test pattern used for a selective audit trail policy.
ID Identifies the policy installation record.
Policy Description Description from the policy definition.
Rule Set Id Identifies the set of rules.
Selective Audit Trail Indicates if this is a selective audit trail policy (T/F).
Sequence Sets the order of sequence when there is multiple installed policies.
Timestamp Timestamp for the creation of the record.

Installed Rule entity

Attribute Description
ACCESS_RULE_ID Identifies an access rule.
App Event Date Value From the rule definition.
App Event Exists From the rule definition.
App Event Numeric Value  
App Event Text / Numeric / Date The application event's text, numeric, and date attributes.
App Event Text Value From the rule definition.
App User From the rule definition.
App User / Group A single attribute and a related attribute (if any) in a single column of the report.
App User Group From the rule definition.
Category / Classification The combined category and classification for the rule.
Category Name From the rule definition.
Classification Name From the rule definition.
Client IP From the rule definition.
Client IP / Group A single attribute and a related attribute (if any) in a single column of the report.
Client IP Group From the rule definition.
Client IP/Src App/DB User/Server IP/Svc Name Group  
Client IP/Src App/DB User/Server IP/Svc Name/OS User/DB Name Group  
Client MAC From the rule definition.
Client Net Mask From the rule definition.
Command From the rule definition.
Command / Group A single attribute and a related attribute (if exists) in a single column of the report.
Command Group From the rule definition.
Continue to next Rule / Revoke From the rule definition.
DB Name From the rule definition.
DB Name / Group A single attribute and a related attribute (if exists) in a single column of the report.
DB Name Group From the rule definition.
DB Type From the rule definition.
DB User From the rule definition.
DB User / Group A single attribute and a related attribute (if exists) in a single column of the report.
DB User Group From the rule definition.
Data Pattern From the rule definition.
Error Code From the rule definition.
Error Code / Group A single attribute and a related attribute (if exists) in a single column of the report.
Event type From the rule definition.
Event User Name From the rule definition.
Exception Type From the rule definition.
Field From the rule definition.
Field Group From the rule definition.
Field Name / Group A single attribute and a related attribute (if exists) in a single column of the report.
GDM_INSTALLED_POLICY_HEADER_ID The installed policy header.
GDM_INSTALLED_POLICY_RULES_ID The installed policy rule.
LAST_ACCESSED Last accessed.
Min Ct From the rule definition.
Net Protocol From the rule definition.
Net Protocol / Group A single attribute and a related attribute (if exists) in a single column of the report.
Net Protocol Group From the rule definition.
OS User From the rule definition.
OS User / Group A single attribute and a related attribute (if exists) in a single column of the report.
OS User Group From the rule definition.
Object From the rule definition.
Object Group From the rule definition.
Object Name / Group A single attribute and a related attribute (if exists) in a single column of the report.
Object/Command Group  
Pattern / XML Pattern From the rule definition.
Period From the rule definition.
Rec Vals From the rule definition.
Records Affected Threshold From the rule definition.
Replacement Character From the rule definition.
Reset Interval From the rule definition.
Returned Data Threshold From the rule definition.
Rule Description From the rule definition.
Rule Position Position within the policy.
Rule Type One of: Access Rule (0); Exception Rule (1); Extrusion Rule (2); Fam Rule(6); Sharepoint Rule(7); Dataset Collection Profile (8); DB2 COLLECTION PROFILE (9); DB2 z/os BLOCKING PROFILE (10); IMS COLLECTION PROFILE (11); SESSION_LEVEL_RULE (12).
SQL Pattern From the rule definition.
Server Host Group From the rule definition.
Server Host Name From the rule definition.
Server IP From the rule definition.
Server IP / Group A single attribute and a related attribute (if exists) in a single column of the report.
Server IP Group From the rule definition.
Server Net Mask From the rule definition.
Service Name From the rule definition.
Service Name / Group A single attribute and a related attribute (if exists) in a single column of the report.
Service Name Group From the rule definition.
Severity From the rule definition.
Source Program / Group A single attribute and a related attribute (if exists) in a single column of the report.
Source Program Group From the rule definition.
Src App From the rule definition.

Installed Rule Action entity

Attribute Description
Access Rule Id Identifies the Access Rule.
Action Block, Log or Alert.
Sequence Sequence of the action within the rule.
Template Name Template Name.

Installed Alert Notification entity

Attribute Description
ALERT_ID Identifies the alert definition. Only available to users with the admin role.
ALERT_NOTIFICATION_ID Identifies the alert notification. Only available to users with the admin role.
ALERT_TYPE Type of alert.
Alert Destination For example: EMAIL, SNMP, SYSLOG, CUSTM.
Alert Notification Type Type of alert from the policy rule definition.
Alert User Receiver of the alert.
Timestamp Timestamp at which the alert record was created.