Exporting data from GBDI

Examples of CSV files for each datatype that can be exported from GBDI to Guardium® Insights SaaS

Full SQL

_id,UTC Offset,Access Rule Description,Full Sql,Instance ID,Records Affected,Response Time,Session Id,Succeeded,Timestamp,Analyzed Client IP,Client Host Name,DB User Name,Database Name,Network Protocol,OS User,Server Host Name,Server IP,Server Port,Server Type,Service Name,Source Program,SonarG Source

ObjectId(61685f0b92797131ad44d7b9),-4,LFD,select @@microsoftversion,946128000022616957,1,0,946128000003634601,1,2021-10-14T14:13:20.000Z,9.55.234.155,(LOCAL),NT SERVICESQLSERVERAGENT,TEST123,WINDOWS NAMED PIPES,NT SERVICESQLSERVERAGENT,SYS-W2K12-DB02,9.55.234.155,111,MS SQL SERVER,MS SQL SERVER,SQLAGENT - TSQL JOBSTEP (JOB 0X9F570053C5653C448C17718A239CE190 : STEP 1),sys-vm14

ObjectId(61685f0b92797131ad44d7ba),-4,LFD,set quoted_identifier off,946128000022616958,,0,946128000003634603,1,2021-10-14T14:13:20.000Z,9.55.234.155,(LOCAL),NT SERVICESQLSERVERAGENT,MSDB,WINDOWS NAMED PIPES,NT SERVICESQLSERVERAGENT,SYS-W2K12-DB02,9.55.234.155,111,MS SQL SERVER,MS SQL SERVER,SQLAGENT - UPDATE JOB ACTIVITY,sys-vm14

1touch

"UTCOffset""DataSourceID""DataSourceName""DataSourceType""DataSourceIP""ServiceName""DBName""Port""ProcessDescription""Catalog""Schema""TableName""ColumnName""RuleDescription""ClassificationName""Category""StartDateTime""StartDateTimeUTC""Comprehensive""ResultDataRowID""Comments"

"+0""1""\N""ORACLE""rw2k16-01.isslab.usga.ibm.com""\N""on2pqsw2""1521""classification""\N""AUTODB""ACCOUNT_MASTER""account_id""\N""False""\N""2022-04-28 12:33:33""2022-04-28 12:33:33""FULLY""24032596209686814956""\N"

Exception

_id,UTC Offset,Exception ID,Session Id,User Name,Source Address,Destination Address,Database Protocol,Exception Timestamp,Exception Description,Link to more information about the exception,SQL string that caused the Exception,Exception Type ID,Database Error Text,App User Name,Error Code,Analyzed Client IP,Client Host Name,DB User Name,Database Name,Network Protocol,OS User,Server Host Name,Server IP,Server Port,Server Type,Service Name,Source Program,SonarG Source

ObjectId(6169ac9d9279716247787d87),-4,946128000000000349,620000000000,,,,,2021-10-15T15:03:01.000Z,S-TAP SYS-W2K12-DB02.ENCORE.CORP.ROOT reconnected.,SYS-W2K12-DB02.ENCORE.CORP.ROOT,,INFO_STAP_RECONNECT,N/A,,,,,,,,,,,,,,,sys-vm14

Instance

_id,UTC Offset,Instance ID,Session Id,Successful Sqls,Failed Sqls,Objects and Verbs,Construct Id,Period Start,DB User Name,OS User,Source Program,Server IP,Analyzed Client IP,Service Name,Client Host Name,Server Type,App User Name,Database Name,Application Event ID,Server Port,Network Protocol,Total Records Affected,Server Host Name,Timestamp,Average Execution Time,SonarG Source

ObjectId(761685d7b9279712015218e52),-4,846128000022667972,846128000003597552,1,0,ASImportTransferEvents exec,3f738721a571cf19f7150fdb02b96de26c62f97e,2022-01-23T15:00:00.000Z,NT SERVICESQLSERVERAGENT,NT SERVICESQLSERVERAGENT,SQLAGENT - TSQL JOBSTEP (JOB 0X994FE63CC247DF489F4C3335413F350C : STEP 1),9.55.234.155,9.55.234.155,MS SQL SERVER,(LOCAL),MS SQL SERVER,,TEST123,0,111,WINDOWS NAMED PIPES,-1,SYS-W2K12-DB02,2022-01-23T15:52:43.000Z,0,sys-vm14

Policy violation

_id,UTC Offset,OS User,DB User Name,Analyzed Client IP,Client Host Name,Source Program,Server IP,Server Type,Timestamp,Service Name,Severity,Full SQL String,Access Rule Description,Violation Log Id,Server Host Name,SonarG Source

ObjectId(6167f2f192797158696fa3b0),-4,NT AUTHORITY SYSTEM,SA,9.42.101.137,9.42.101.137,SQLSERVR.EXE,9.55.224.156,MS SQL SERVER,2021-10-14T08:30:00.000Z,MS SQL SERVER,1,"SELECT count FROM sys.database_permissions WHERE class IN (0,24) AND state IN ('G', 'W') AND type = 'CL'","Unauthorized Clients, Financial Servers - Log Violation",970763000000528773,SYS-WIN2016DB07 MSSQL2016,sys-vm102

Session

_id,UTC Offset,Access Id,Session Start,Session End,Database Name,Uid Chain,Login Succeeded,DB User Name,OS User,Source Program,Server IP,Analyzed Client IP,Service Name,Client Host Name,Server Type,Server Host Name,Server Port,Client Port,Network Protocol,Tap Identifier,Session Ignored,Sender IP,Inactive Flag,SonarG Source

946128000003597557,-4,b71cf8d8e6d3a34f0f98dbe28adc118109fdbd58,2021-10-14T06:06:50.000Z,2021-10-14T06:06:50.000Z,MSDB,,1,NT SERVICE SQLSERVERAGENT,NT SERVICE SQLSERVERAGENT,SQLAGENT - JOB MANAGER,9.55.234.155,9.55.234.155,MS SQL SERVER,SYS-W2K12-DB02,MS SQL SERVER,SYS-W2K12-DB02,110,33485,WINDOWS NAMED PIPES,"MSSQL(sys-w2k12-db02.encore.corp.root_MSSQLSERVER1433_sql\\query,sqllocal MSSQLSERVER)",No,9.55.234.155,1,sys-vm14