Installing the S-TAP for IBM i

Follow these steps to install or uninstall the S-TAP.

Before you begin

The DB2 for i S-TAP requires Portable Application Solutions Environment (PASE), which is automatically started and stopped as needed when a user starts and stops the DB2 for i S-TAP from the IBM Guardium user interface.

You must know the IP address of the Guardium system to which this S-TAP will connect.

When you download the S-TAP, be sure to filter for the IBM i platform, to ensure that you download the correct package.

About this task

The Guardium Installation Manager (GIM) is not supported on IBM i.

You can use 5250 emulator software to connect to the IBM i system remotely.

Procedure

  1. On the IBM i server, enter this command to open the PASE shell: call qp2term.
  2. In the PASE shell environment, create a temporary directory to hold the S-TAP installation script, such as /tmp.
  3. Use FTP to move the following S-TAP installation shell script to that temporary directory: guard-itap-9.0.0_rnnnnn-aix-5.3-aix-powerpc.sh
  4. In the same directory, run this command: 
    guard-itap-9.0.0_rnnnnn-aix-5.3-aix-powerpc.sh guardium_host_IP
    where guardium_host_IP is the IP address of the Guardium system.

Results

The S-TAP is installed in /usr/local/guardium. After the installation is complete, the S-TAP attempts to start the processes that enable activity monitoring and to connect to the Guardium system by using the IP address that was specified with the installation command.

What to do next

To validate the successful installation and start of the audit process, log in to the IBM Guardium web console as an administrator, navigate to the System View tab, and check the status of the S-TAP.

Parent topic: DB2 for IBM i S-TAP

Uninstalling the S-TAP

Procedure

To stop and uninstall the S-TAP, issue these commands: 
RUNSQL SQL('call SYSPROC/SYSAUDIT_End') COMMIT(*NONE)  
RMVDIR DIR('/usr/local/guardium') SUBTREE(*ALL)