Unexpected results in Guardium reports with embedded commands

If you receive unexpected results in Guardium reports, configure your policy rules to handle depth by using tuples.


You see results in your reports that you do not expect or that you believe should be filtered out by the policy. Conversely, you do not capture statements that you expect to capture.


The SQL usually has several objects and commands that are embedded in the statement. The policy or report definition is not configured to deal with objects or commands at different depths.


Guardium collectors are affected.

Resolving the problem

Verify that your conditions match the correct object name. Use the correct main entity to show objects or SQL verbs at different depths. If you still see unexpected behavior, use the group builder to define a group of tuples to use in the policy. A tuple allows multiple attributes to be combined to form a single group member.

Note: Tuple supports the use of one slash and a wildcard character (%). It does not support the use of a double slash.