Linux-UNIX: Copying a K-TAP module with GIM
If you build a custom K-TAP module for a Linux database server, you can use GIM to copy that module to other servers that are running the same Linux distribution. For example, you can build a K-TAP on a test system and then copy it to one or more production database servers after testing.
Before you begin
- Verify that STAP_UPLOAD_FEATURE=1 on the database on which you are going to build the custom module. By default, the parameter STAP_UPLOAD_FEATURE is 1. The default enables automatic upload of the newly built K-TAP module to the Guardium® system that hosts the GIM server that manages the S-TAP bundle. This setting does not affect S-TAP diagnostic files. They are uploaded to the Guardium system that the S-TAP is registered with.
- Set GIM_ALLOW_CUSTOMED_BUNDLES=1 on each DB server that you want to copy the K-TAP module to. For security reasons, this parameter must be set manually on each DB server. GIM_ALLOW_CUSTOMED_BUNDLES=1 cannot be changed from 0 to 1 in the GUI or the API. Only the operating system admin can change the value from 0 to 1 after GIM is installed. This parameter can be set to either 1 or 0 when you use the configurator utility on the DB server. This functionality is checked during the K-TAP installation (on the DB server). It is not checked while you are assigning or scheduling a bundle installation or a parameter update (like all the other parameters are validated). (You can set GIM_ALLOW_CUSTOMED_BUNDLES=0 from the Guardium system. )
- The GIM client is installed and points to the central manager.
Note: The S-TAP bundle is always visible in the GIM GUI. However, the S-TAP console displays only
the S-TAP agent if sqlguard_tapip (in guard_tap.ini) points
to the same IP that is listed in the GIM configuration 'gim_url'.
If sqlguard_tapip points to a different IP address, then the S-TAP agent does not display in the S-TAP console.