Unexpected results in Guardium reports with embedded commands
If you receive unexpected results in Guardium
reports, configure your policy rules to handle depth by using tuples.
Symptoms
You see results in your reports that you do not expect or that you believe should be filtered out by the policy. Conversely, you do not capture statements that you expect to capture.
Causes
The SQL usually has several objects and commands that are embedded in the statement. The policy or report definition is not configured to deal with objects or commands at different depths.
Environment
Guardium collectors are affected.
Resolving the problem
Verify that your conditions match the correct object name. Use the correct main entity to show objects or SQL verbs at different depths. If you still see unexpected behavior, use the group builder to define a group of tuples to use in the policy. A tuple allows multiple attributes to be combined to form a single group member.
Note: Tuple
supports the use of one slash and a wildcard character (%). It does
not support the use of a double slash.