Managing object audit in multiple databases

About this task

This view lists all objects found by the classification processes run on the selected datasources. Objects can be found by more than one classification process. View the objects grouped by object (default), or classification. The Found by Classification column lists all the classification processes that identified the object.

When objects are identified by the classification process but were not enabled automatically for object audit, New objects found appears above the objects table. Click New Only to filter for all new found objects that require handling. Review the New objects and either enable object auditing, or clear the New flag.

New objects could be found every time the classification runs. When there are no New objects, you are up to date with the new objects evaluation.

Review the data sources periodically, checking for New objects, and optionally adding or removing objects from the object audit. For example, you might remove objects that do not need auditing but were automatically added, or if a database is having performance issues. Or you might identify a suspicious object that is not audited, and add it to the object audit.

Group by Object: To view all new found objects, type New in the text filter.

To enable or disable the object audit on one object in all the selected datasources, select the row(s) and click Action > Enable / Disable

To take action per datasource, click Present in # datasources to view all datasources whose classification processes have identified the selected object

Group by Classification is especially useful when you have almost identical datasources, or classification policies, whose objects need auditing without any further evaluation, for example GDPR.

Procedure

  1. If you assigned the Classification process before you enabled DB Audit, run the Classification once now (or wait for next scheduled run) and wait a few minutes for Guardium® to identify objects.
  2. When grouped by object:
    1. Select multiple datasources that have New objects in the Objects column of the Databases Table. Use the filter New objects found to identify these datasources.
    2. Click DB Auditing > Manage Object Auditing. The Manage Object Auditing window opens.
    3. If the object must always be audited in all the datasources, select the row(s) and click Actions > Enable Audit.
      The system responds with the success or failure of the operation.
    4. If you want to enable the object audit on individual databases, click the number in the Present in # Datasources column, in the row of the object to open the Datasources containing <object> window. This window shows all datasources whose classification processes have identified the selected object. Select one or more datasource rows and click Actions > Enable Audit.
  3. For a classification process whose identified objects always need auditing without further evaluation: Click the Classification radio button (above the table); select one or more rows of classification processes, and click Actions > Enable Audit.