Connect to a secret server so you can correlate PAM data with database events, and
identify the user behind a Risk Event.
Before you begin
To see the various settings, open the main menu by clicking the main menu icon. After opening the menu, select
Integrations and then select the IBM® Security Verify Privilege
Vault card.
About this task
In a PAM solution, users must check out privileged accounts to use them. For example, a database
administrator wants to update a table in a database. The user checks out the credentials from the
PAM solution, and then uses them on the database. The PAM solution tracks who is using the
credentials (who) and the time frame (when). Guardium® Insights can connect to a secret server and correlate PAM
data with database events, and identify the potential threat actor.
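The who/when correlation described above, as an added sketch (not Guardium Insights code or its data schema): each database event is matched to the check-outs of the same account whose time frame contains it. The record fields, user names and timestamps are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data. Field names are hypothetical, not the product's schema.
# "in" is None while the secret is still checked out.
CHECKOUTS = [
    {"user": "alice", "account": "db_admin", "out": "2024-05-01T09:00", "in": "2024-05-01T09:45"},
    {"user": "bob", "account": "db_admin", "out": "2024-05-01T09:30", "in": None},
    {"user": "carol", "account": "app_owner", "out": "2024-05-01T06:00", "in": "2024-05-01T06:20"},
]
DB_EVENTS = [
    {"id": 1, "db_user": "db_admin", "time": "2024-05-01T09:10"},
    {"id": 2, "db_user": "db_admin", "time": "2024-05-01T09:40"},
    {"id": 3, "db_user": "db_admin", "time": "2024-05-01T10:20"},
    {"id": 4, "db_user": "app_owner", "time": "2024-05-01T06:10"},
    {"id": 5, "db_user": "db_admin", "time": "2024-05-01T08:50"},
]
NOW = datetime(2024, 5, 1, 10, 30)


def correlate(events, checkouts, now, lookback=timedelta(hours=2)):
    """Map each event id to the sorted PAM users holding that account at event time.

    Only check-outs overlapping [now - lookback, now] are considered, like a
    bounded PAM query time range. [] = no check-out explains the event;
    several names = the account was checked out by more than one user.
    """
    window_start = now - lookback
    recent = []
    for c in checkouts:
        out = datetime.fromisoformat(c["out"])
        # An open check-out is treated as lasting until "now".
        back = datetime.fromisoformat(c["in"]) if c["in"] else now
        if back >= window_start and out <= now:
            recent.append((c["account"], out, back, c["user"]))
    result = {}
    for e in events:
        t = datetime.fromisoformat(e["time"])
        users = {u for acct, out, back, u in recent
                 if acct == e["db_user"] and out <= t <= back}
        result[e["id"]] = sorted(users)
    return result


if __name__ == "__main__":
    for event_id, users in correlate(DB_EVENTS, CHECKOUTS, NOW).items():
        print(event_id, users or "UNATTRIBUTED")
```

An event with no matching user either falls outside the queried time range (event 4 with the 2-hour lookback) or used the account with no check-out on record (event 5), and the second case is the one worth investigating.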
Procedure
- After reading the About information, click
Next.
- Enter a unique name for the integration in the
Name field.
- Server URL: The secret server IP address. The connection must use TLS,
so the URL must start with HTTPS. For example,
- https://your.company.com/SecretServer
- https://your.company.com:8443/SecretServer
- Username: Secret server admin user or a user with the admin
role.
- Password: Secret server admin password.
- Optional: Public SSL certificate: Enter the server
certificate details (to learn how to obtain an SSL certificate, see Obtaining an SSL certificate).
- PAM activity query time range: Set the time range for the query against
the Thycotic database. The default PAM query duration, that is, the time interval for which the secret server
returns details of privileged account check-outs, is 2 hours.
- Include personal folders: Secrets are typically stored in common
folders, but can also be stored in personal folders. If this check box is selected, personal
folders are included when checking for secrets.
- Click Finish.
- In the Authentication details tile, click Test connection to test
the connection.