Data source privileges for producing assessments
Producing vulnerability assessments in IBM® Security Guardium® Analyzer requires access to your data sources and specific data source privileges. The scripts provided in this topic can be used to create groups or roles with these privileges. Once created, these groups or roles can be assigned to the data source users that you will use when creating connectors.
Download: Data source scripts
The scripts that are provided in this archive file cover most supported data source types and are designed to be run in the data source tool itself. After downloading and extracting the file, locate the script for your data source. The file names for these scripts are:
- DB2®: db2.sql
- DB2 for i: db2i.sql
- Oracle: oracle.sql
- Oracle container data source: oracle-container.sql
- MS SQL: sql-server.sql
- MS SQL with
- MySQL: mysql.sql
Once you have downloaded the scripts required for your data source server, closely review and follow the instructions in the script headers. The privileges granted for each data source type can be seen in the script.
- For MS SQL, there are a number of tests performed by Guardium Analyzer that require
sysadminprivileges. If you can create a user with these privileges, use the sql-server-SA.sql script. If you cannot create a user with these privileges, use sql-server.sql. However, when sql-server.sql is used, the tests that require
sysadminprivileges will result in an error resulting from lack of privilege.
- If the data source scripts file does not automatically download, right-click the link and save the file to your hard disk.