update_external_stap_config

Use this API to modify External S-TAPs on a specified Guardium® host.

External S-TAPs are supported on UNIX or Linux machines only.

This API is available in Guardium v12.0 and later.

REST API syntax

This API is available as a REST service with the PUT method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/external_stap_config

GuardAPI syntax

update_external_stap_config parameter=value

Parameters

Parameter Value type Description
stapHost String Required. One of the following:
  • The UUID of the External S-TAP®.
  • all_active: All External S-TAPs that are configured to report to this Guardium system.

For valid values, call update_external_stap_config from the command line with --help=true.

updateValue String Required. Modifiable parameters in the guard_tap.ini configuration file. For valid values of each parameter refer to the parameter descriptions in the Windows and UNIX-Linux S-TAP configuration.
TAP section:
  • add_to_verification_schedule
  • all_can_control
  • alternate_ips
  • appserver_installed
  • appserver_login_pattern
  • appserver_ports
  • appserver_session_pattern
  • appserver_session_postfix
  • appserver_session_prefix
  • appserver_username_postfix
  • appserver_username_prefix
  • appserver_usersess_pattern
  • appserver_usersess_postfix
  • appserver_usersess_prefix
  • bad_alloc_counter_max
  • buf_msg_time_interval
  • buffer_file_size
  • buffer_mmap_file
  • checksum
  • checksum_configuration
  • compression_level
  • connection_timeout_sec
  • db_exit_list
  • db_ignore_response
  • db_ignore_response_bypass_bytes
  • db_ignore_response_filter
  • db_ignore_response_resets_per_request
  • db_request_handler_enable
  • enable_dynamic_ring_buffers
  • extra_info
  • failover_tls
  • firewall_default_state
  • firewall_fail_close
  • firewall_force_unwatch
  • firewall_force_watch
  • firewall_installed
  • firewall_timeout
  • force_server_ip
  • guardium_ca_path
  • guardium_crl_path
  • kerberos_plugin_dir
  • load_balancer_ip
  • load_balancer_load_affinity
  • max_server_write_size
  • min_bytes_to_compress
  • modification_count
  • modification_host
  • modification_microsec
  • msg_aggregate_timeout
  • msg_count_watermark
  • participate_in_load_balancing
  • private_tap_ip
  • qrw_default_state (
  • qrw_force_unwatch
  • qrw_force_watch
  • qrw_installed
  • remote_messages
  • sqlguard_cert_cn
  • stap_statistic
  • stap_statistic_version
  • syslog_messages
  • tap_buf_dir
  • tap_debug_output_level
  • tap_failover_session_quiesce
  • tap_failover_session_size
  • tap_identifier
  • tap_ip
  • tap_log_dir
  • upload_feature
DB section:
  • connect_to_ip
  • db_user
  • db_version
  • exclude_networks
  • networks
  • port_range_end
  • port_range_start
  • priority_count
  • real_db_port
SQLGUARD section:
  • connection_pool_size
  • num_main_thread
  • sqlguard_ip
SQLC_n section (UNIX Oracle Unified Auditing only):
  • instance
  • username
api_target_host String Required when running on a central manager.

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

GRDAPI examples

>grdapi update_external_stap_config stapHost=all-active updateValue=TAP.all_can_control:1
>grdapi update_external_stap_config stapHost=external_stap_uuid updateValue=TAP.all_can_control:1
>grdapi update_external_stap_config stapHost=all_active updateValue=TAP.all_can_control:1