Strict username example (Oracle)
Monitoring network traffic is subject to network packet loss. Losses can occur for various reasons, such as overloading S-TAP buffers on the peaks or insufficient collector power, S-TAP or sniffer restarts, or too many sessions are coming into the collector. Priority packets are the packets that contain metadata responsible for correctly extracting session information. Partial loss of priority packets can cause interpretation issues such as mangled usernames, source program names, and other important session information. This example shows how to provide a check on the username to ensure that it is correct. If the username is not correct, the username is replaced by a user-defined value.
This example has two rules.
- Session level criteria = Database type = ORACLE
- Rule action = CONFIGURE =
STRICT_USERNAME:<replacement_value>
Where <replacement_value> is any value that you choose. If Guardium finds a problem with the username, it is replaced with the specified value.
-
- Session level criteria:
- Database type = ORACLE
- Session = GET_USERNAME_PROBLEM
- Rule action = THROW EXCEPTION = SESSION EXCEPTION
- Exception message = Session $(SESSION_INFO)$. PROBLEM TO GET USERNAME. PLACEHOLDER USERNAME - $(DB_USER)$, CLIENT OS - $(CLIENT_OS_NAME)$, SERVER OS - $(SERVER_OS_NAME)$)
- Session level criteria: