Predefined reports

Before creating custom reports from scratch, take advantage of the predefined Guardium reports.

Get the information that you seek faster, by accessing predefined reports available from the Guardium application. These predefined reports can be cloned and customized to the needs of the user.

Using the Guardium predefined reports is a best practice recommendation, enabling organizations to quickly and easily identify security risks, such as inappropriately exposed objects, users with excessive rights, and unauthorized administrative actions. Examples of the many predefined reports include: accounts with system privileges; all system and administrator privileges, which are shown by user and role; object privileges by user; and all objects with PUBLIC access.

The parameters (columns) display can be edited using Customize in any report screen.

Use the search function of help to go to the specific report directly. Use quotation marks around words or phrases to precisely define search terms.

Use cases for predefined reports

Database administrator

• SQL Errors - An increase in SQL errors may indicate a SQL injection attack.
• DDL (verify schema changes) - This report displays the client IP from which the DDL was requested, the main SQL verb (a specific DDL command), and the total objects accessed for that record.
• Failed logins - This report indicates attempts to access the database with expired login credentials.

Information security officer

• Failed logins - People with proper credentials trying to access the database.
• Terminated users - Terminated users trying to access the database.
• Policy violations - Users and issues that violate security policies.

Auditors

• Compliance reports - PCI, SOX, Data Privacy
• Compliance workflow - Shows evidence of signoffs and procedures.