display_stap_config

This command outputs the properties of all S-TAPs, including the inspection engines and SQL connections, on the specified host. Optionally, specify the S-TAP® parameters you want to output.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the GET method. Call this API as follows:
GET https://[Guardium hostname or IP address]:8443/restAPI/display_stap_config

GuardAPI syntax

display_stap_config parameter=value

Parameters

Parameter Value type Description
filterConfigByParams String Use this parameter to specify the specific parameters you want to output. Comma separated string of one or more of these valid values:
  • all
TAP section:
  • add_to_verification_schedule (UNIX, Windows)
  • alert_on_shared_memory_enabling (Windows)
  • all_can_control (UNIX, Windows)
  • alternate_ips (UNIX, Windows)
  • appserver_installed (UNIX, Windows)
  • appserver_login_pattern (UNIX, Windows)
  • appserver_ports (UNIX, Windows)
  • appserver_session_pattern (UNIX, Windows)
  • appserver_session_postfix (UNIX, Windows)
  • appserver_session_prefix (UNIX, Windows)
  • appserver_username_postfix (UNIX, Windows)
  • appserver_username_prefix (UNIX, Windows)
  • appserver_usersess_pattern (UNIX, Windows)
  • appserver_usersess_postfix (UNIX, Windows)
  • appserver_usersess_prefix (UNIX, Windows)
  • atap_exec_location (UNIX)
  • auto_discovery (Windows)
  • bad_alloc_counter_max (UNIX)
  • buf_msg_time_interval (UNIX, Windows)
  • buffer_file_size (UNIX, Windows)
  • buffer_mmap_file (UNIX, Windows)
  • buffer_percentage_for_priority_packet (UNIX)
  • cas_checkpoint_period (UNIX, Windows)
  • cas_client_baseline (UNIX, Windows)
  • cas_client_checkpoint (UNIX, Windows)
  • cas_fail_over_file (UNIX, Windows)
  • cas_fail_over_file_size_limit (Windows)
  • cas_max_reconnect_attempts (UNIX, Windows)
  • cas_md5_size_limit (UNIX, Windows)
  • cas_raw_data_limit (UNIX, Windows)
  • cas_reconnect_interval (UNIX, Windows)
  • cas_task_baseline (UNIX, Windows)
  • cas_task_checkpoint (UNIX, Windows)
  • cassandra_audit_delimiter (UNIX)
  • cassandra_audit_enabled (UNIX)
  • checksum (UNIX, Windows)
  • checksum_configuration (UNIX, Windows)
  • compression_level (UNIX, Windows)
  • connection_timeout_sec (UNIX, Windows, i)
  • correlation_timeout (Windows)
  • db2_shmem_driver_installed (Windows)
  • db2_tap_installed (Windows)
  • db_ignore_response (UNIX, Windows)
  • db_ignore_response_bypass_bytes (UNIX, Windows)
  • db_ignore_response_filter (UNIX, Windows)
  • db_ignore_response_local (UNIX, Windows)
  • db_ignore_response_resets_per_request (UNIX, Windows)
  • db_request_handler_enable (UNIX)
  • devices (UNIX, Windows)
  • disable_shared_memory_if_turned_on (Windows)
  • discovery_debug (UNIX)
  • discovery_interval (UNIX, Windows). Valid values: <n>m (for minutes) and <n>h (for hours).
  • enable_dynamic_ring_buffers (UNIX
  • extra_info (UNIX, Windows)
  • failover_tls (UNIX, Windows,i)
  • fam_enable (UNIX, Windows)
  • firewall_default_state (UNIX, Windows)
  • firewall_fail_close (UNIX, Windows)
  • firewall_force_unwatch (UNIX, Windows)
  • firewall_force_watch (UNIX, Windows)
  • firewall_installed (UNIX, Windows)
  • firewall_timeout (UNIX, Windows)
  • force_server_ip (UNIX)
  • guardium_ca_path (UNIX)
  • guardium_crl_path (UNIX)
  • hunter_trace (UNIX)
  • kafka_bootstrap_servers (UNIX)
  • kafka_keytab (UNIX)
  • kafka_principal (UNIX)
  • kafka_reader_enabled (UNIX)
  • kafka_topic_name (UNIX)
  • kafka_use_tls (UNIX)
  • kerberos_plugin_dir (UNIX)
  • khash_max_entries (UNIX)
  • khash_table_length (UNIX)
  • krb_mssql_driver_installed (Windows)
  • krb_mssql_driver_nonblocking (Windows)
  • krb_mssql_driver_ondemand (Windows)
  • krb_mssql_driver_user_collect_time (UNIX, Windows)
  • ktap_buffer_flush (UNIX)
  • ktap_buffer_size (UNIX)
  • ktap_dbgev_ev_list (UNIX)
  • ktap_dbgev_func_name (UNIX)
  • ktap_fast_file_verdict (UNIX)
  • ktap_fast_tcp_verdict (UNIX)
  • ktap_installed (UNIX)
  • ktap_request_timeout (UNIX)
  • lhmon_driver_installed (Windows)
  • lhmon_for_network (Windows)
  • load_balancer_ip (UNIX, Windows)
  • load_balancer_load_affinity (UNIX)
  • load_balancer_num_mus (UNIX, Windows)
  • log4j_listen_address (UNIX)
  • log4j_num_connections (UNIX)
  • log4j_port (UNIX, Windows)
  • log4j_reader_enabled (UNIX)
  • log_program_name (UNIX)
  • max_server_write_size (UNIX)
  • min_bytes_to_compress (UNIX, Windows)
  • modification_count (UNIX, Windows)
  • modification_host (UNIX, Windows)
  • modification_microsec (UNIX, Windows)
  • msg_aggregate_timeout (UNIX)
  • msg_count_watermark (UNIX)
  • named_pipes_driver_installed (Windows)
  • network_namedpipes (Windows)
  • number_of_processors (Windows)
  • ora_driver_installed (Windows)
  • participate_in_load_balancing (UNIX, Windows,i)
  • pcap_backup_ktap (UNIX, Windows)
  • pcap_buffer_size (UNIX)
  • pcap_dispatch_count (UNIX)
  • pcap_read_timeout (UNIX)
  • private_tap_ip (UNIX)
  • qrw_default_state (UNIX)
  • qrw_force_unwatch (UNIX)
  • qrw_force_watch (UNIX)
  • qrw_installed (UNIX)
  • remote_messages (UNIX, Windows,i)
  • shared_memory_driver_installed (Windows)
  • sqlguard_cert_cn (UNIX)
  • stap_statistic (UNIX)
  • stap_statistic_version (UNIX, Windows)
  • sybase_driver_installed (Windows)
  • syslog_messages (UNIX, Windows)
  • tap_buf_dir (UNIX)
  • tap_debug_output_level (UNIX)
  • tap_failover_session_quiesce (UNIX)
  • tap_failover_session_size (UNIX)
  • tap_identifier (UNIX, Windows)
  • tap_ip (UNIX, Windows)
  • tap_log_dir (UNIX)
  • tap_run_as_root (UNIX)
  • tee_installed (UNIX)
  • tee_msg_buf_len (UNIX)
  • tracefiles_dir (Windows)
  • uid_chain_sshd_ip (UNIX)
  • upload_feature (UNIX, Windows)
  • use_tls (UNIX, Windows,i)
  • wait_for_db_exec (UNIX)
DB section:
  • connect_to_ip (UNIX)
  • db2_client_offset (UNIX, Windows)
  • db2_fix_pack_adjustment (UNIX, Windows)
  • db_exec_file (UNIX)
  • db_install_dir (UNIX)
  • db_user (UNIX)
  • db_version (UNIX, Windows)
  • encryption (UNIX)
  • exclude_networks (UNIX, Windows)
  • instance_name (Windows)
  • intercept_types (UNIX)
  • named_pipe (Windows)
  • networks (UNIX, Windows)
  • port_range_end (UNIX, Windows)
  • port_range_start (UNIX, Windows)
  • priority_count (UNIX, Windows)
  • real_db_port (UNIX, Windows)
  • tap_db_process_names (Windows)
  • unix_domain_socket_marker (UNIX)
SQLGUARD section:
  • connection_pool_size (UNIX)
  • num_main_thread (UNIX)
  • sqlguard_ip (UNIX, Windows, i)
SQLC_n section (UNIX Oracle Unified Auditing only):
  • data_pull_interval (UNIX)
  • instance (UNIX)
  • username (UNIX)
  • roles (UNIX)
  • data_pull_num_rows (UNIX)

Default = all

stapHost String Required. Valid values:
  • all_active: All S-TAPs that are configured to report to this Guardium® system
  • all_unix_active: All S-TAPs that are configured to report to this Guardium system and are running on Linux-UNIX servers.
  • all_windows_active: All S-TAPs that are configured to report to this Guardium system and are running on Windows servers.
api_target_host String

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

Examples

To view the full S-TAP configuration:
grdapi display_stap_config stapHost=all_active filterConfigByParams=all
Sample response:
ID=9

1. 9.42.29.158
Id:9
TAP:
add_to_verification_schedule=0
all_can_control=0
alternate_ips=
appserver_installed=0
appserver_login_pattern=X
appserver_ports=8080
appserver_session_pattern=X
appserver_session_postfix=X
appserver_session_prefix=X
appserver_username_postfix=X
appserver_username_prefix=X
appserver_usersess_pattern=X
appserver_usersess_postfix=X
appserver_usersess_prefix=X
atap_exec_location=/var/guard
atap_request_handler_enable=1
buffer_file_size=50
cas_checkpoint_period=3600
cas_client_baseline=client_baseline
cas_client_checkpoint=client_checkpoint
cas_fail_over_file=fail_over_file
cas_max_reconnect_attempts=5000
cas_md5_size_limit=1000
cas_raw_data_limit=1000
cas_reconnect_interval=60
cas_task_baseline=task_baseline
cas_task_checkpoint=task_checkpoint
cassandra_audit_delimiter=GUARD_DELIM
cassandra_audit_enabled=0
connection_timeout_sec=10
db_ignore_response=none
db_ignore_response_bypass_bytes=4096
db_ignore_response_filter=0.0.0.0/0.0.0.0
db_ignore_response_local=1
db_ignore_response_resets_per_request=0
devices=none
discovery_dbs=oracle:db2:informix:mysql:postgres:sybase:hadoop:teradata:netezza:memsql
discovery_debug=0
discovery_interval=24h
discovery_ora_alt_locations=
discovery_port=8443
failover_tls=1
fam_enable=0
firewall_default_state=0
firewall_fail_close=0
firewall_force_unwatch=
firewall_force_watch=
firewall_installed=0
firewall_timeout=10
force_log_limited=0
force_server_ip=0
fsm_driver_installed=0
guardium_ca_path=
guardium_crl_path=
hunter_trace=0
kafka_bootstrap_servers=
kafka_group_name=stap
kafka_is_mapr=0
kafka_keytab=
kafka_principal=
kafka_reader_enabled=0
kafka_ssl_ca_location=
kafka_topic_name=NavigatorAuditEvents
kafka_use_tls=0
kerberos_plugin_dir=
khash_max_entries=8192
khash_table_length=24593
ktap_buffer_flush=0
ktap_buffer_size=4194304
ktap_dbgev_ev_list=0
ktap_dbgev_func_name=all
ktap_fast_file_verdict=1
ktap_fast_tcp_verdict=1
ktap_installed=0
ktap_request_timeout=5
ktap_version=
ld_library_paths=
load_balancer_ip=
load_balancer_num_mus=1
log4j_listen_address=0.0.0.0
log4j_num_connections=20
log4j_reader_enabled=0
log_program_name=0
max_packet_num=2000
max_server_write_size=65536
msg_aggregate_timeout=100
msg_count_watermark=64
os_type=
participate_in_load_balancing=2
pcap_buffer_size=-1
pcap_dispatch_count=16
pcap_read_timeout=0
private_tap_ip
qrw_default_state=0
qrw_force_unwatch=
qrw_force_watch=
qrw_installed=0
remote_messages=1
sqlc_properties_dir=
sqlguard_cert_cn=
stap_statistic=0
syslog_messages=1
tap_buf_dir=
tap_debug_output_level=0
tap_failover_session_quiesce=240
tap_failover_session_size=1024
tap_ip=9.42.29.158
tap_log_dir=
tap_run_as_root=1
tap_type=stap
tap_version=STAP-11.1.0.0_r106678_trunk_1-20190519_1933
tee_installed=0
tee_msg_buf_len=128
uid_chain_sshd_ip=0
upload_feature=1
use_tls=0
wait_for_db_exec=1
DB_0:
connect_to_ip=127.0.0.1,::1 
db2_fix_pack_adjustment=20
db2_shmem_client_position=0 
db2_shmem_size=131072 
db2bp_path=NULL
db_exec_file=/$ORACLE_HOME/bin/oracle
db_install_dir=/home/oracle18 
db_type=oracle 
db_user=oracle18 
encryption=0 
db_version=18
instance_running=1 
intercept_types=NULL 
load_balanced=1 
port_range_end=1525 
port_range_start=1520
priority_count=20 
real_db_port=1521 
tap_identifier=oracle_9.70.147.74(1521,1521,DB_0)
tee_listen_port=0 
unix_domain_socket_marker=ORCL 
networks=0.0.0.0/0.0.0.0,::/0
exclude_networks=


DB_1:
protocol=mysql
connect_to_ip=127.0.0.1
db2_fix_pack_adjustment=20
db2_shmem_client_position=0
db2_shmem_size=131072
db2bp_path=
db_exec_file=/home/mysql57/mysql/bin/
db_install_dir=/home/mysql57/mysql/data
db_type=mysql
db_user=mysql57
encryption=0
exclude_networks=
informix_version=9
instance_running=1
intercept_types=
load_balanced=1
networks=0.0.0.0/0.0.0.0
port_range_end=33060
port_range_start=3357
priority_count=20
real_db_port=3357
tap_identifier=mysql_9.42.29.158(3357,33060,DB_2)
tee_listen_port=
unix_domain_socket_marker=mysql.sock

DB_2:
protocol=db2
connect_to_ip=127.0.0.1
db2_fix_pack_adjustment=20
db2_shmem_client_position=61440
db2_shmem_size=131072
db2bp_path=
db_exec_file=/home/db2inst1/sqllib/adm/db2sysc
db_install_dir=/home/db2inst1
db_type=db2
db_user=db2inst1
encryption=0
exclude_networks=
informix_version=9
instance_running=1
intercept_types=
load_balanced=1
networks=0.0.0.0/0.0.0.0
port_range_end=50000
port_range_start=50000
priority_count=20
real_db_port=50000
tap_identifier=db2_9.42.29.158(50000,50000,DB_3)
tee_listen_port=
unix_domain_socket_marker=

SQLGUARD_0:
connection_pool_size=0
num_main_thread=1
primary=1
sqlguard_ip=<Guardium host-0 IP or name>
sqlguard_port=16016

SQLGUARD_1:
connection_pool_size=0
num_main_thread=1
primary=2
sqlguard_ip=<Guardium host-1 IP or name>
sqlguard_port=16016

SQLGUARD_2:
connection_pool_size=0
num_main_thread=1
primary=3
sqlguard_ip=<Guardium host-2 IP or name>
sqlguard_port=16016

SQLGUARD_3:
connection_pool_size=0
num_main_thread=1
primary=4
sqlguard_ip=<Guardium host-3 IP or name>
sqlguard_port=16016

SQLGUARD_4:
connection_pool_size=0
num_main_thread=1
primary=5
sqlguard_ip=<Guardium host-4 IP or name>
sqlguard_port=16016

SQLGUARD_5:
connection_pool_size=0
num_main_thread=1
primary=6
sqlguard_ip=<Guardium host-5 IP or name>
sqlguard_port=16016
ok
To view only the S-TAP parameters db_user and sqlguard_port:
grdapi display_stap_config stapHost=all_active filterConfigByParams=db_user,sqlguard_port
Sample response:
1. <S-TAP host IP>
Id:22

DB_0:
protocol=db2
db_user=db2inst1

DB_1:
protocol=Mysql
db_user=mysql8

DB_2:
protocol=Mysql
db_user=mysql8

DB_3:
protocol=Mysql
db_user=mysql57

SQLGUARD_0:
sqlguard_port=16016

SQLGUARD_1:
sqlguard_port=16016

SQLGUARD_2:
sqlguard_port=16016

2. <S-TAP host IP>
Id:21

DB_0:
protocol=db2
db_user=db2inst1

DB_1:
protocol=Mysql
db_user=mysq57

DB_2:
protocol=Mysql
db_user=mysq57

SQLGUARD_0:
sqlguard_port=16016

SQLGUARD_1:
sqlguard_port=16016

SQLGUARD_2:
sqlguard_port=16016

SQLGUARD_3:
sqlguard_port=16016
ok