Prerequisites for the basic data security monitoring policy

Take simple steps to verify that you are ready to begin using the basic data security monitoring policy.

Procedure

  1. Install S-TAP monitoring agents on your database servers and confirm that the S-TAP inspection engines are correctly configured.
    For information about installing S-TAPs using the Guardium Installation Manager (GIM), see Deploy monitoring agents. View or modify inspection engines on collectors by navigating to Manage > Activity Monitoring > S-TAP Control.
  2. Verify that S-TAPs are not configured to ignore database responses.
    The db_ignore_response configuration parameter in the S-TAP configuration file guard_tap.ini should be set to none (the default value). If you are managing the S-TAP using GIM, the equivalent GIM parameter is STAP_DB_IGNORE_RESPONSE for Linux and UNIX systems or WINSTAP_DB_IGNORE_RESPONSE for Windows systems.
  3. Verify that the Log Records Affected setting is enabled for the inspection engines.

    On each collector in a standalone environment (no central manager), navigate to Manage > Activity Monitoring > Inspection Engines, select the Log Records Affected check box, and click Apply. Alternatively, log in to the each collector via SSH as the cli user and run the following command: grdapi update_engine_config logRecords=true

    In a managed environment, log in to the central manager via SSH as the cli user and run the following command once for each managed collector host name: grdapi update_engine_config logRecords=true api_target_host="<managed collector host name>"

  4. Upload the latest Guardium Database Protection Subscription Service (DPS) update to each collector in a standalone environment or to the central manager in a managed environment.
    The latest DPS update is available on IBM Fix Central.
    1. Navigate to Harden > Vulnerability Assessment > Customer Uploads.
    2. In the DPS Upload section, click Browse and choose the latest DPS update file, then click Upload.
    3. In the Import DPS section, click on the check mark icon to import the DPS update.
      The import may take a while to finish. You can monitor the status of the import by connecting to the Guardium system via SSH as the cli user and running the following command: show dps

What to do next

You are ready to install the basic data security monitoring policy.