Creating a tuple group

The Groups page allows you to create 7-tuple groups. A tuple group allows multiple attributes to be combined together to form a single composite group member. Tuples can help simplify specifying conditions for reporting and policy rules.

Before you begin

By default, you must be assigned the Administrator role to be able to manage groups.
Important: If you have policy rules that use groups as rule conditions, modifying the groups by adding or removing members will result in reactivation of group members.

To open the Groups page, select Groups in the main menu. Open this menu by clicking the main menu icon (main menu))

Procedure

  1. Click Add group to open the Create a group dialog box.
  2. Name: Enter a name for the group (maximum 255 characters). This name is used to distinguish this group from other groups in Guardium® Insights SaaS.
  3. Type: Choose Connection as the group Type.
  4. Optional: Description: Enter a description for the group. This field accepts a maximum of 1000 characters.
  5. Optional: Set as a parent group that only contains other groups: Select this checkbox if you want to set the group to be a parent group.
    Parent groups: Some groups in Guardium Insights SaaS are parent groups without members of their own. These groups accept only child groups and they become populated when you add or import groups to them. Note these conditions that apply when importing groups that have the same name as existing Guardium Insights SaaS groups:
    • Predefined parent groups: If you import a group from a Guardium central manager that has the same name as a Guardium Insights SaaS predefined group, the imported group will become a child of the predefined group. The name of the imported child group will be the original name of the group, plus the name of the central manager appended to it.
    • User-defined parent groups: If you import a group from a Guardium central manager that has the same name as a Guardium Insights SaaS user-defined group, the imported group will become a new group in Guardium Insights SaaS (the name of the imported child group will be the original name of the group, plus the name of the central manager appended to it).
  6. Click Save.

Results

The new group opens to its details page, where you can add members and import members from a CSV file or LDAP. When adding members, you will need to specify 7 fields: Client IP, Source application, Database user, Server IP, Service name, Operating system user, and Database name.