Customizing the Guardium connector IP address and port

If you are connected to and streaming data from Guardium and need to modify the collector IP address or port, follow the instructions in this topic.

Before you begin

Guardium Data Security Center port requirements are described in Port requirements.

If you need to change the host and/or port that Guardium Data Protection uses for communicating to Guardium Data Security Center, ensure that you are logged in to the OpenShift® command line interface and that you have switched to the Guardium Data Security Center OpenShift namespace that you created when preparing your environment

To learn how to customize the IP address and port, follow the link that best describes your situation:

Customizing the port in preparation for installation

Procedure

  1. When preparing the Guardium Data Security Center custom resource (CR) file (see this step for all-in-one installations or this topic for manual installations), add an ibm-insights-sequencer: section to the CR file, similar to:
    apiVersion: gi.ds.isc.ibm.com/v1
    kind: GuardiumInsights
    metadata:
      #name: This must be 10 or less characters
      name: gi
    spec:
      ibm-insights-sequencer:
        GUARDIUM_AGENT_SCP_TARGET_HOST: "1.2.3.4 or DNS"
        GUARDIUM_AGENT_SCP_PORT: 12345
  2. Proceed with the installation by applying the CR file.

Customizing the port after deploying Guardium Data Security Center

Procedure

  1. Retrieve the list of installed Guardium Data Security Center custom resource (CR) files:
    oc get guardiuminsights
  2. Edit the Guardium Data Security Center CR file:
    oc edit guardiuminsights <cr_name>
  3. In the spec: section, add or merge this:
    ibm-insights-sequencer:
        GUARDIUM_AGENT_SCP_TARGET_HOST: "1.2.3.4 or DNS"
        GUARDIUM_AGENT_SCP_PORT: 12345

    For example,

    apiVersion: gi.ds.isc.ibm.com/v1
    kind: GuardiumInsights
    metadata:
      #name: This must be 10 or less characters
      name: gi
    spec:
      ibm-insights-sequencer:
        GUARDIUM_AGENT_SCP_TARGET_HOST: "1.2.3.4 or DNS"
        GUARDIUM_AGENT_SCP_PORT: 12345
  4. Save and exit the file - and then verify that the configmap has been updated by the operator (note that this may take some time):
    oc get configmap <guardium_insights_cr_name>-ssh-service-port -oyaml
  5. Once the configmap has been updated, issue this command to restart the pod:
    oc delete $(oc get po -oname | grep guardium-connector | grep -v fetcher)