IBM Support

Release of Guardium Data Protection sniffer patch 12.0p4009

Release Notes


Abstract

This technical note provides guidance for installing IBM Guardium Data Protection sniffer patch 12.0p4009, including any new features or enhancements, resolved or known issues, or notices associated with the patch.

Content

Patch information
  • Patch file name: SqlGuard-12.0p4009_Snif_Apr_27_2025.tgz.enc.sig
  • MD5 checksum: a37e9a9903c62db57364a8c28c032382
Finding the patch 
  1. Select the following options to download this patch on the IBM Fix Central website and click Continue.
    1. Product selector: IBM Security Guardium
    2. Installed Version: 12.0 or 12.1
    3. Platform: All
  2. On the "Identify fixes" page, select Browse for fixes and click Continue.
  3. On the "Select fixes" page, select Appliance Sniffer Patch. Then, enter the patch information in the Filter fix details field to locate the patch.
For information about Guardium patch types and naming conventions, see the Understanding Guardium patch types and patch names support document.
Installation
Notes:
  • This universal sniffer patch can be installed on releases of Guardium 12.0 and 12.1.
  • This patch restarts the sniffer process.
Overview:
  1. Download the patch and extract the compressed package outside the Guardium system.
  2. Be sure to check the latest version of these patch release notes online just before you install this patch.
  3. Pick a "quiet" or low-traffic time  to install the patch on the Guardium system.
  4. Install patches in a top-down manner on all Guardium systems: start with the central manager, then aggregators, then the collectors.  This sniffer patch must be installed across all the appliances such as the central manager, aggregators, and collectors.
For more information, see How to install patches in the Guardium documentation.
New currency items
This patch provides the following new currency items.
Issue key Summary
GRD-85892
Support for SingleStoreDB (MemSQL)
GRD-91599
Support for DataStax Enterprise 6.9.5
GRD-91613
Support for Apache Cassandra 5.0
GRD-91626
Support for IBM Informix 15
GRD-94306
Support for Neo4j 2025.01.0
GRD-94720
Support for Apache CouchDB 3.4.2
GRD-94723
Support for CockroachDB 25.1, UNIX only
GRD-95711
Support for PostgreSQL and EDB Postgres 17.4
GRD-95729
Support for SAP HANA Platform 2.0 support package stack (SPS) 08
Resolved issues
This patch resolves the following issues.
Patch Issue key Summary Known issue (APAR)
12.0p4008
See release notes for patch 12.0p4008
12.0p4009
GRD-96382
Addressed handling of the compressed traffic from DataStax Studio for Apache Cassandra NoSQL database
DT437106
GRD-97520
In alert messages, %%receiptTime and %%SQLTimestamp are different:
  • %%receiptTime now represents the timestamp when the alert is issued by sniffer.
  • %%SQLTimestamp remains the same as before. For example, the SQL traffic's timestamp sent from S-TAP.
  • %%receiptTimeMills is the integer number value representing the UNIX timestamp in milliseconds when the alert is issued by sniffer.
DT437122
GRD-94549
Redis traffic parser errors
DT426398
GRD-96786
MariaDB double-quoted strings not handled as literals
DT437261
GRD-97285
Valid Teradata SQL with "NOT=" operator caused parser error
DT435869
GRD-97325, 
GRD-97838, 
GRD-98288
Fixed Teradata parser errors
DT435870, 
DT437093, 
DT437091
Bug fixes
This patch provides the following bug fixes.
Issue key Summary
GRD-91334
Fixed parser errors for vector database support
GRD-93301
Fixed parser errors for Couchbase
GRD-95419
SingleStore database name and user name captured for Java Database Connectivity (JDBC) driver
GRD-95456
Queries from Python client to redis-stack captured for vector database
GRD-95618
Fixed Teradata parser errors
GRD-96119
Capture of some statements for Neo4j using cypher-shell connection
GRD-97314
Fixed Oracle Unified Auditing parser errors
GRD-97855
Fix Microsoft SQL Server parser errors

[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"},{"code":"a8m0z000000Gp0SAAS","label":"SNIFFER"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"12.0.0;12.1.0"}]

Document Information

Modified date:
29 May 2025

UID

ibm17234619

Page Feedback