Prerequisites for the basic data security monitoring policy
Take simple steps to verify that you are ready to begin using the basic data security monitoring policy.
Procedure
-
Install S-TAP monitoring agents on your database servers and confirm that the S-TAP inspection
engines are correctly configured. For information about installing S-TAPs using the Guardium Installation Manager (GIM), see Deploy monitoring agents. View or modify inspection engines on collectors by navigating to Manage > Activity Monitoring > S-TAP Control.
- Verify that S-TAPs are not configured to ignore database responses. The db_ignore_response configuration parameter in the S-TAP configuration file guard_tap.ini should be set to none (the default value). If you are managing the S-TAP using GIM, the equivalent GIM parameter is STAP_DB_IGNORE_RESPONSE for Linux and UNIX systems or WINSTAP_DB_IGNORE_RESPONSE for Windows systems.
- Verify that the Log Records Affected setting is enabled for the
inspection engines.
On each collector in a standalone environment (no central manager), navigate to Manage > Activity Monitoring > Inspection Engines, select the Log Records Affected check box, and click Apply. Alternatively, log in to the each collector via SSH as the cli user and run the following command:
grdapi update_engine_config logRecords=true
In a managed environment, log in to the central manager via SSH as the cli user and run the following command once for each managed collector host name:
grdapi update_engine_config logRecords=true api_target_host="<managed collector host name>"
- Upload the latest Guardium Database Protection Subscription Service (DPS) update to each
collector in a standalone environment or to the central manager in a managed environment.
The latest DPS update is available on IBM Fix Central.
- Navigate to Harden > Vulnerability Assessment > Customer Uploads.
- In the DPS Upload section, click Browse and choose the latest DPS update file, then click Upload.
- In the Import DPS section, click on the icon to import the DPS
update. The import may take a while to finish. You can monitor the status of the import by connecting to the Guardium system via SSH as the cli user and running the following command:
show dps