Understand the parameters in the Details section of the S-TAP Control in the
GUI.
Parameter |
Default value |
Description |
Version |
|
The S-TAP version. |
Devices |
none |
Which interfaces to listen on. Use ifconfig to find the
correct interface. |
Load balancing |
0 |
Controls S-TAP
load balancing to Guardium® systems. Valid values:
- 0: No load balancing.
- 1: Load balancing. Traffic is balanced between the primary and secondary servers, which are
defined in the SQLGuard section.
- 2: Redundancy. Fully mirrored S-TAP sends all traffic to
all primary and secondary servers, which are defined in the SQLGuard section.
- 3: Hardware load balancing. Guardium uses a load
balancer such as F5 or Cisco. S-TAP sends the traffic to the
load balancer, which forwards it to one of the collectors in the pool.
Use the primary parameter in the Guardium Hosts section to specify
primary, secondary, tertiary, or more, servers. If this parameter is set to 0, and you have more
than one Guardium system monitoring traffic, then the
non-primary Guardium systems are available for failover.
This parameter is also used in enterprise load balancing. For more information, see
Enabling enterprise load balancing and associating an S-TAP with a central manager. |
Trace files dir |
INSTALLDIR |
The Directory in which access tracer files are stored. |
App. server user Identification |
|
|
TLS Use |
0 |
Guardium recommends encrypting network traffic between the S-TAP and the collector whenever
possible. Only in cases where the performance is a higher priority than security should this be
disabled.
|
Compres. level |
0 |
Data compression level, from 1 to 9. 0=no compression. |
All can control |
0 |
Defines which Guardium
system control this S-TAP. Valid
values:
- : S-TAP is controlled
by the primary Guardium
system only.
- : S-TAP can be
controlled by any Guardium
system.
|
Load Balancer host name or IP address |
|
The IP address of the central manager or managed unit this S-TAP should use for
load balancing.
- If using enterprise load balancing while Load balancing and
Managed units, failover data is not sent to the secondary system. Instead,
failover data is sent to the system allocated by the load balancer to replace the failed server.
This is true only as long as the Central Manager is running and Enterprise Load Balancer is active.
If the load balancer is not available then traffic is rerouted to secondary sqlguard_ip.
- S-TAP parameters cannot be changed via the interactive installer during
upgrade. Use the Guardium UI
after the upgrade to change S-TAP parameters.
- If configuring the enterprise load balancer to run on a managed unit, the S-TAP
must be at V10.1 or higher.
|
Managed Units |
|
The number of managed units the enterprise load balancer allocates for this
S-TAP. |
Restricted logging |
|
Controls restricted logging on the collector. Use this
to evaluate the number of records affected by an SQL command, while masking the actual query. This
parameter can only be set by user root on the DB server. Valid values:
- 0: Unrestricted.
- 1: Log with masking. Only logins are allowed (sent packets are flagged with LOGALWAYSMASK).
Forces encryption to be on in the S-TAP regardless of
any other settings; traffic is sent to the collector only after the collector has indicated that it
is aware of the parameter value. Otherwise, the S-TAP logs a message
that traffic can't be sent, and its status is red in the S-TAP Control
page.
- 2: All packets are allowed (sent packets are flagged with LOGACCESSONLY)
|
Discovery interval |
|
The interval at which the S-TAP
reports database instance discovery results to the collector. Select only if you want to change the
discovery interval from its default of 24 hours. When you select this option, the UI updates with
two radio buttons: Hour and Minute. Type in any
positive integer to set the discovery interval in either hours or minutes.
Valid values:
- Hours: maximum of 24
- Minutes: 5 - 1440
Clear the Enable discovery interval checkbox to disable. |