The Groups page allows you to create 7-tuple groups. A tuple group allows multiple
attributes to be combined together to form a single composite group member. Tuples can help simplify
specifying conditions for reporting and policy rules.
Before you begin
By default, you must be assigned the
Administrator
role to be able to manage groups.
Important: If you have policy
rules that use groups as rule conditions, modifying the groups by adding or removing members will
result in reactivation of group members.
To open the Groups page, select Groups in the main menu. Open this menu by clicking the main menu icon ())
Procedure
- Click Add group to open the Create a group dialog
box.
- Name: Enter a name for the group (maximum 255
characters). This name is used to distinguish this group from other groups in Guardium®
Insights SaaS.
- Type: Choose Connection as the group
Type.
- Optional: Description:
Enter a description for the group. This field accepts a maximum of 1000 characters.
- Optional: Set as a parent group that only
contains other groups: Select this checkbox if you want to set the group to be a parent
group.
Parent groups: Some groups in
Guardium
Insights SaaS are parent groups without members of
their own. These groups accept only child groups and they become populated when you add or import
groups to them. Note these conditions that apply when importing
groups that have the same name as existing Guardium
Insights SaaS groups:
- Predefined parent groups: If you import a group from a Guardium central
manager that has the same name as a Guardium
Insights SaaS predefined group, the imported group will become a
child of the predefined group. The name of the imported child group will be the original name of the
group, plus the name of the central manager appended to
it.
- User-defined parent groups: If you import a group from a Guardium central
manager that has the same name as a Guardium
Insights SaaS user-defined group, the imported group will become
a new group in Guardium
Insights SaaS (the name of the imported
child group will be the original name of the group, plus the name of the central manager appended to it).
- Click Save.
Results
The new group opens to its
details page, where you can add members and import members from a CSV file or LDAP. When
adding members, you will need to specify 7 fields: Client IP,
Source application, Database user, Server
IP, Service name, Operating system user,
and Database name.