IBM Support

What is the difference between S-Taps (XY1A:XY1B:ASC and XY1A:XY1B:POLICY)?

Question & Answer


Question

What is the difference between S-Taps (XY1A:XY1B:ASC and XY1A:XY1B:POLICY)?
Are they specific to a database?
How can we identify if there are logs coming from either?

Answer

Identify the difference between S-Taps (XY1A:XY1B:ASC and XY1A:XY1B:POLICY)
The shared prefix (XY1A:XY1B) indicates that both entries belong to the same STAP started task on the mainframe, monitoring the same DB2 subsystem on the same LPAR.
(XY1A:XY1B = LPAR:Subsystem)
The type of STAP indicates that task's function within the STAP. ASC is the event capture task (capturing all SQL statements, DB2 commands, etc.).
POLICY is the task that receives the DB2 COLLECTION PROFILE policy rule from the collector and implements it as the filtering mechanism for the ASC.

How can we identify if there are logs coming from either?
The POLICY STAP does not send any traffic events to the collector. ASC events can be monitored using any traffic session or detail report. The SESSIONS LIST report can be used to easily verify traffic is being received from the mainframe STAP.
Reference:
11.3 IBM Security Guardium S-TAP for Db2 on z/OS - User's Guide
https://www.ibm.com/docs/en/SSMPHH_11.3.0/pdf/ADH_V1130.pdf
NOTE: The User Guide only addresses the mainframe STAP - it does not go into details about how to configure the appliance policy, reports etc.

Document Information

Modified date:
28 February 2023

UID

ibm16958791