create_db_user_mapping

This command helps maintain the mapping between database users (that is, invokers of SQLthat causes a violation) and email addresses for real-time alerts.

You can use wildcards as follows:
    • serverIp: You can use the percent sign (%) as a wildcard instead of the character for any element in the IP address. For example, the following addresses are valid:
      • 192.168.2.%
      • 2620:1f7:807:%:920:%

      However, the following example is not valid: 192.%

  • serviceName: Wildcards (%) are allowed.
  • dbUserName: Wildcards are not valid. The % sign is not a special character.
  • emailAddress: Wildcards are not valid. The % sign is not a special character.
Note: For delete_db_user_mapping and list_db_user_mapping, you can use the % wildcard for all parameters.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/db_user_mapping

GuardAPI syntax

create_db_user_mapping parameter=value

Parameters

Parameter Value type Description
dbUserName String Required. The DB username.
emailAddress String Required. For real-time alerts, the email address that maps to the DB user. The at symbol (@ ) is required.
serverIp String Required. The server IP address.
serviceName String Required. The server name.
api_target_host String

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

GuardAPI example

grdapi create_db_user_mapping serverIp=192.168.1.% serviceName=ora1 dbUserName=hadrian emailAddress=hadrian.swall@company.com