S-TAP Control: Details

Understand the parameters in the Details section of the S-TAP Control in the GUI.

Parameter Default value Description
Version   The S-TAP version.
Devices none Which interfaces to listen on. Use ifconfig to find the correct interface.
Load balancing 0 Controls S-TAP load balancing to Guardium® systems. Valid values:
  • 0: No load balancing.
  • 1: Load balancing. Traffic is balanced between the primary and secondary servers, which are defined in the SQLGuard section.
  • 2: Redundancy. Fully mirrored S-TAP sends all traffic to all primary and secondary servers, which are defined in the SQLGuard section.
  • 3: Hardware load balancing. Guardium uses a load balancer such as F5 or Cisco. S-TAP sends the traffic to the load balancer, which forwards it to one of the collectors in the pool.
Use the primary parameter in the Guardium Hosts section to specify primary, secondary, tertiary, or more, servers. If this parameter is set to 0, and you have more than one Guardium system monitoring traffic, then the non-primary Guardium systems are available for failover.
This parameter is also used in enterprise load balancing. For more information, see Enabling enterprise load balancing and associating an S-TAP with a central manager.
Trace files dir INSTALLDIR The Directory in which access tracer files are stored.
App. server user Identification    
TLS Use 0
  • X mark: do not encrypt traffic between the S-TAP agent and the Guardium system.
    Warning: The traffic between the agent and Guardium system is in clear text.
  • check mark: Use SSL to encrypt traffic between the S-TAP agent and the Guardium system.

Guardium recommends encrypting network traffic between the S-TAP and the collector whenever possible. Only in cases where the performance is a higher priority than security should this be disabled.

Compres. level 0 Data compression level, from 1 to 9. 0=no compression.
All can control 0 Defines which Guardium system control this S-TAP. Valid values:
  • X mark: S-TAP is controlled by the primary Guardium system only.
  • check mark: S-TAP can be controlled by any Guardium system.
Load Balancer host name or IP address  
The IP address of the central manager or managed unit this S-TAP should use for load balancing.
  • If using enterprise load balancing while Load balancing and Managed units, failover data is not sent to the secondary system. Instead, failover data is sent to the system allocated by the load balancer to replace the failed server. This is true only as long as the Central Manager is running and Enterprise Load Balancer is active. If the load balancer is not available then traffic is rerouted to secondary sqlguard_ip.
  • S-TAP parameters cannot be changed via the interactive installer during upgrade. Use the Guardium UI after the upgrade to change S-TAP parameters.
  • If configuring the enterprise load balancer to run on a managed unit, the S-TAP must be at V10.1 or higher.
Managed Units   The number of managed units the enterprise load balancer allocates for this S-TAP.
Restricted logging   Controls restricted logging on the collector. Use this to evaluate the number of records affected by an SQL command, while masking the actual query. This parameter can only be set by user root on the DB server. Valid values:
  • 0: Unrestricted.
  • 1: Log with masking. Only logins are allowed (sent packets are flagged with LOGALWAYSMASK). Forces encryption to be on in the S-TAP regardless of any other settings; traffic is sent to the collector only after the collector has indicated that it is aware of the parameter value. Otherwise, the S-TAP logs a message that traffic can't be sent, and its status is red in the S-TAP Control page.
  • 2: All packets are allowed (sent packets are flagged with LOGACCESSONLY)
Discovery interval   The interval at which the S-TAP reports database instance discovery results to the collector. Select only if you want to change the discovery interval from its default of 24 hours. When you select this option, the UI updates with two radio buttons: Hour and Minute. Type in any positive integer to set the discovery interval in either hours or minutes. Valid values:
  • Hours: maximum of 24
  • Minutes: 5 - 1440
Clear the Enable discovery interval checkbox to disable.