Troubleshooting
Problem
The client has a report which uses the 'SQL' entity, which shows the SQL command being executed in their reports. The problem is that for their monitored MongoDB and DB2 traffic, it shows the full SQL commands being run and does not mask the values. This exposes sensitive information in the reports and the client feels like this should not be the case as they are not logging full details in their installed policy.
Symptom
Reports using the SQL entity, display the full SQL commands being run and does not mask the values potentially exposing SPI/PII depending on the commands being run.
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Component":"v10","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.1.4","Edition":"","Line of Business":{"code":"LOB76","label":"Data Platform"}}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
24 September 2018
UID
ibm10732787