Investigating assets and their risk attributes

Review and manage the asset context information that is imported from various sources to the IBM® Guardium® Insights asset inventory from one unified interface. The entities such as a database (of the same type) along with IP addresses with port, or host names with port constitutes an asset.

About this task

Version 3.4.x and later This content only applies to Guardium Insights Version 3.4.x and later.

Procedure

  1. Click Asset inventory in the main menu (Menu icon) at the upper left of the page.

    On the Asset inventory page, you can see the introduction banner that provides a basic information about asset definition and asset sources. Click Read more to view the contents. Click the close icon (Close icon) to remove the banner.

    By default, a list of all the assets that are in the asset repository is displayed on the Asset inventory page. The assets are imported from various sources at regular intervals and stored in the repository. You can also view the list of assets that are grouped by hostname. To focus on the asset contents that you want, you can apply various filters, customize the display of the columns, set a time range to view the asset list, or use the preset views.

    • To apply filters, click the filter icon (Filter icon) to open the Filters window, select the filter criteria, and then click Apply.
    • To customize the columns display in the table, click the customize columns icon (Customize columns icon). In the Customize columns window, select all the columns that you want to display in the table, and drag the columns to reorder them. Click Done when you are finished.
    • To set a time frame for viewing the assets based on the selected attribute, click the edit icon (Edit icon) next to Timeline. Select an attribute from the drop-down list and the time frame.
    • If you filter the table, customized its columns, or set a time frame to view the asset list that you want, you can save these settings by creating a preset view. When you click a preset view, the table changes to reflect the filter and columns. Guardium Insights SaaS provides two default preset views: All assets and New assets identified. Click the preset to apply the preset filter and view the refreshed asset count.

      To create a preset view, click Create new preset. In the Create new preset window, specify a name, description, option to make the default view, and click Create preset. Each preset view card has a menu with options to rename the card, reorder the cards, remove the card, and to make the view as default.

    • To view the list of assets that are grouped by hostname, click the group icon (Group icon) and select Hostname.
  2. Review the details in the asset list view.
    Tabs Description
    ID A system-generated unique identifier for the asset in Guardium Insights.
    Name A system-generated name of the asset. To modify the asset name based on your needs, hover on the asset name and click the edit icon.
    Description A brief description of the asset that includes the database name, associated IP addresses, and the host names.
    Tags The tag names that are assigned to an asset. Tags are automatically assigned to an asset based on the defined auto-tagging rules. You can also create and assign custom tags to your assets based on multiple criteria, for example, asset criticality or business context. Asset tagging helps you to classify and organize your assets for better management.
    Risk Severity level of the open risk events that are detected in the asset.
    Type Database type that is associated with the data source. For example, Oracle, Db2, or unstructured data types.
    Origin Source name from where the assets are imported into the asset inventory.
    Monitoring The status of the monitoring control that is enforced on the asset to protect the data.
    Connectivity Health status of the database server connectivity to Guardium Insights.
    Vulnerabilities Count of the critical, major, and minor vulnerabilities that are detected on the asset when a vulnerability scan is run on the source product. For example, Guardium Data Protection.
    GDP data sources Name of the Guardium Data Protection data sources where the vulnerability scan or classification scan is run.
    Sensitive data elements Number of sensitive data elements that are discovered on the source product when the classification scan is run. For example, Guardium Data Protection.
    Traffic Health status of the database traffic where S-TAP is installed for monitoring.
    User accounts The user account names who accessed the asset with open risk events.
  3. To see more details of your selected asset, click the asset ID. The asset overview information is displayed in the side window.
  4. To view the connected entities and their relationships with an interactive topology map, click Asset topology. On the topology map, you can view up to 10 connected entities. If the asset is connected with more than 10 entities, click the View all option on the last connected node to view details of the remaining entities. To close the topology, click the close icon.
  5. To view the complete details of the selected asset, click View full details.
    Widgets Description
    Asset information Provides a general information about your asset.

    If the selected asset contains a database that is associated with multiple server IP addresses or host names, a drop-down list is displayed. Select an IP address or hostname from the list to view the associated asset information.
    Monitoring health View the health status of the monitoring control that is enforced on the asset to protect the data.
    Open vulnerabilities View the number of critical and major vulnerabilities that are detected on the selected asset when the vulnerability scan is run.

    To view more details, click View all asset vulnerabilities information.
    Tags View the data criticality and business tags that are assigned to the selected asset. Click the edit icon (Edit icon) to modify details about the tags that are assigned.
    Classification results View the information about the sensitive elements that are discovered on the selected asset when the data classification scan is run.

    To view more details, click View classification report.
    Open risk events View the information about the open risk events (on databases or database users) and their risk levels that are associated with the selected asset.

    To view more details, click View all risk events information.
  6. To assign custom tags to an asset, select the asset from the list and click Manage tags. You can select multiple assets. For more information about creating and assigning the tags, see Managing tags.
  7. To view and manage the tagging rules, click Auto-tagging rules. For the defined conditions, you can create auto-tagging rules for automatically assigning tags and controls to your assets. For more information about creating tagging rules, see Creating auto-tagging rules.