display_stap_config
This command outputs the properties of all S-TAPs, including the inspection engines and SQL connections, on the specified host. Optionally, specify the S-TAP® parameters you want to output.
This API is available in Guardium V9.5 and later.
REST API syntax
This API is available as a REST service with the
GET
method. Call this API as
follows:
GET https://[Guardium hostname or IP address]:8443/restAPI/display_stap_config
GuardAPI syntax
display_stap_config parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
filterConfigByParams | String | Use this parameter to specify the specific parameters you want to output. Comma separated
string of one or more of these valid values:
TAP section:
DB section:
SQLGUARD section:
SQLC_n section (UNIX Oracle Unified
Auditing only):
Default = all |
stapHost | String | Required. Valid values:
|
api_target_host | String |
Specifies the target hosts where the API executes. Valid values:
IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode. |
Examples
To view the full S-TAP configuration:grdapi display_stap_config stapHost=all_active filterConfigByParams=all
Sample
response:ID=9
1. 9.42.29.158
Id:9
TAP:
add_to_verification_schedule=0
all_can_control=0
alternate_ips=
appserver_installed=0
appserver_login_pattern=X
appserver_ports=8080
appserver_session_pattern=X
appserver_session_postfix=X
appserver_session_prefix=X
appserver_username_postfix=X
appserver_username_prefix=X
appserver_usersess_pattern=X
appserver_usersess_postfix=X
appserver_usersess_prefix=X
atap_exec_location=/var/guard
atap_request_handler_enable=1
buffer_file_size=50
cas_checkpoint_period=3600
cas_client_baseline=client_baseline
cas_client_checkpoint=client_checkpoint
cas_fail_over_file=fail_over_file
cas_max_reconnect_attempts=5000
cas_md5_size_limit=1000
cas_raw_data_limit=1000
cas_reconnect_interval=60
cas_task_baseline=task_baseline
cas_task_checkpoint=task_checkpoint
cassandra_audit_delimiter=GUARD_DELIM
cassandra_audit_enabled=0
connection_timeout_sec=10
db_ignore_response=none
db_ignore_response_bypass_bytes=4096
db_ignore_response_filter=0.0.0.0/0.0.0.0
db_ignore_response_local=1
db_ignore_response_resets_per_request=0
devices=none
discovery_dbs=oracle:db2:informix:mysql:postgres:sybase:hadoop:teradata:netezza:memsql
discovery_debug=0
discovery_interval=24h
discovery_ora_alt_locations=
discovery_port=8443
failover_tls=1
fam_enable=0
firewall_default_state=0
firewall_fail_close=0
firewall_force_unwatch=
firewall_force_watch=
firewall_installed=0
firewall_timeout=10
force_log_limited=0
force_server_ip=0
fsm_driver_installed=0
guardium_ca_path=
guardium_crl_path=
hunter_trace=0
kafka_bootstrap_servers=
kafka_group_name=stap
kafka_is_mapr=0
kafka_keytab=
kafka_principal=
kafka_reader_enabled=0
kafka_ssl_ca_location=
kafka_topic_name=NavigatorAuditEvents
kafka_use_tls=0
kerberos_plugin_dir=
khash_max_entries=8192
khash_table_length=24593
ktap_buffer_flush=0
ktap_buffer_size=4194304
ktap_dbgev_ev_list=0
ktap_dbgev_func_name=all
ktap_fast_file_verdict=1
ktap_fast_tcp_verdict=1
ktap_installed=0
ktap_request_timeout=5
ktap_version=
ld_library_paths=
load_balancer_ip=
load_balancer_num_mus=1
log4j_listen_address=0.0.0.0
log4j_num_connections=20
log4j_reader_enabled=0
log_program_name=0
max_packet_num=2000
max_server_write_size=65536
msg_aggregate_timeout=100
msg_count_watermark=64
os_type=
participate_in_load_balancing=2
pcap_buffer_size=-1
pcap_dispatch_count=16
pcap_read_timeout=0
private_tap_ip
qrw_default_state=0
qrw_force_unwatch=
qrw_force_watch=
qrw_installed=0
remote_messages=1
sqlc_properties_dir=
sqlguard_cert_cn=
stap_statistic=0
syslog_messages=1
tap_buf_dir=
tap_debug_output_level=0
tap_failover_session_quiesce=240
tap_failover_session_size=1024
tap_ip=9.42.29.158
tap_log_dir=
tap_run_as_root=1
tap_type=stap
tap_version=STAP-11.1.0.0_r106678_trunk_1-20190519_1933
tee_installed=0
tee_msg_buf_len=128
uid_chain_sshd_ip=0
upload_feature=1
use_tls=0
wait_for_db_exec=1
DB_0:
connect_to_ip=127.0.0.1,::1
db2_fix_pack_adjustment=20
db2_shmem_client_position=0
db2_shmem_size=131072
db2bp_path=NULL
db_exec_file=/$ORACLE_HOME/bin/oracle
db_install_dir=/home/oracle18
db_type=oracle
db_user=oracle18
encryption=0
db_version=18
instance_running=1
intercept_types=NULL
load_balanced=1
port_range_end=1525
port_range_start=1520
priority_count=20
real_db_port=1521
tap_identifier=oracle_9.70.147.74(1521,1521,DB_0)
tee_listen_port=0
unix_domain_socket_marker=ORCL
networks=0.0.0.0/0.0.0.0,::/0
exclude_networks=
DB_1:
protocol=mysql
connect_to_ip=127.0.0.1
db2_fix_pack_adjustment=20
db2_shmem_client_position=0
db2_shmem_size=131072
db2bp_path=
db_exec_file=/home/mysql57/mysql/bin/
db_install_dir=/home/mysql57/mysql/data
db_type=mysql
db_user=mysql57
encryption=0
exclude_networks=
informix_version=9
instance_running=1
intercept_types=
load_balanced=1
networks=0.0.0.0/0.0.0.0
port_range_end=33060
port_range_start=3357
priority_count=20
real_db_port=3357
tap_identifier=mysql_9.42.29.158(3357,33060,DB_2)
tee_listen_port=
unix_domain_socket_marker=mysql.sock
DB_2:
protocol=db2
connect_to_ip=127.0.0.1
db2_fix_pack_adjustment=20
db2_shmem_client_position=61440
db2_shmem_size=131072
db2bp_path=
db_exec_file=/home/db2inst1/sqllib/adm/db2sysc
db_install_dir=/home/db2inst1
db_type=db2
db_user=db2inst1
encryption=0
exclude_networks=
informix_version=9
instance_running=1
intercept_types=
load_balanced=1
networks=0.0.0.0/0.0.0.0
port_range_end=50000
port_range_start=50000
priority_count=20
real_db_port=50000
tap_identifier=db2_9.42.29.158(50000,50000,DB_3)
tee_listen_port=
unix_domain_socket_marker=
SQLGUARD_0:
connection_pool_size=0
num_main_thread=1
primary=1
sqlguard_ip=<Guardium host-0 IP or name>
sqlguard_port=16016
SQLGUARD_1:
connection_pool_size=0
num_main_thread=1
primary=2
sqlguard_ip=<Guardium host-1 IP or name>
sqlguard_port=16016
SQLGUARD_2:
connection_pool_size=0
num_main_thread=1
primary=3
sqlguard_ip=<Guardium host-2 IP or name>
sqlguard_port=16016
SQLGUARD_3:
connection_pool_size=0
num_main_thread=1
primary=4
sqlguard_ip=<Guardium host-3 IP or name>
sqlguard_port=16016
SQLGUARD_4:
connection_pool_size=0
num_main_thread=1
primary=5
sqlguard_ip=<Guardium host-4 IP or name>
sqlguard_port=16016
SQLGUARD_5:
connection_pool_size=0
num_main_thread=1
primary=6
sqlguard_ip=<Guardium host-5 IP or name>
sqlguard_port=16016
ok
To view only the S-TAP parameters
db_user and sqlguard_port:
grdapi display_stap_config stapHost=all_active filterConfigByParams=db_user,sqlguard_port
Sample
response:1. <S-TAP host IP>
Id:22
DB_0:
protocol=db2
db_user=db2inst1
DB_1:
protocol=Mysql
db_user=mysql8
DB_2:
protocol=Mysql
db_user=mysql8
DB_3:
protocol=Mysql
db_user=mysql57
SQLGUARD_0:
sqlguard_port=16016
SQLGUARD_1:
sqlguard_port=16016
SQLGUARD_2:
sqlguard_port=16016
2. <S-TAP host IP>
Id:21
DB_0:
protocol=db2
db_user=db2inst1
DB_1:
protocol=Mysql
db_user=mysq57
DB_2:
protocol=Mysql
db_user=mysq57
SQLGUARD_0:
sqlguard_port=16016
SQLGUARD_1:
sqlguard_port=16016
SQLGUARD_2:
sqlguard_port=16016
SQLGUARD_3:
sqlguard_port=16016
ok