IBM Support

IBM Security Guardium: Efficiently find Differences in Configuration Audit System (CAS) predefined reports

Question & Answer


Question

You are using the predefined CAS reports and using the "View Differences" tab. Many rows have no differences. Why is that and how can you efficiently view only those rows that show a difference?

Cause

These audit reports show a row for every time the data was monitored for changes. This period can be configured in the CAS Item Template Definition Panel.

Answer

During a particular sample time, the data may not have changed, but the audit is still logged. If the monitored item was not changed between the last two sample times, the "View Differences" tab will not show any changes.


To reduce the number of audit entries to review, use the query parameters to focus on a time period or a monitored item. Next, sort by timestamp and scan the last modified time for a change in value. Then check the sample time right after that (by default, these columns are next to each other). Select that row to view the changes.
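The same scan can be scripted over a report exported to CSV. The following is an added example, not IBM code: the column names (`Host`, `Monitored Item`, `Sample Time`, `Last Modified`), the timestamp format, and the sample rows are assumptions constructed for illustration, so adjust them to match your actual export.

```python
import csv
import io
from datetime import datetime

# Constructed sample export. Column names and values are assumptions,
# not the product's actual report schema.
SAMPLE_EXPORT = """Host,Monitored Item,Sample Time,Last Modified
db01,/etc/oracle/listener.ora,2018-06-01 00:00:00,2018-05-20 09:12:00
db01,/etc/oracle/listener.ora,2018-06-01 01:00:00,2018-05-20 09:12:00
db01,/etc/oracle/listener.ora,2018-06-01 02:00:00,2018-06-01 01:47:13
db01,/etc/oracle/listener.ora,2018-06-01 03:00:00,2018-06-01 01:47:13
db02,/etc/my.cnf,2018-06-01 00:00:00,2018-04-02 14:00:00
db02,/etc/my.cnf,2018-06-01 01:00:00,2018-04-02 14:00:00
"""

TS_FORMAT = "%Y-%m-%d %H:%M:%S"  # assumed timestamp format of the export


def rows_with_changes(export_text, start=None, end=None):
    """Return (host, item, sample_time) for each sample whose last-modified
    value differs from the previous sample of the same monitored item."""
    rows = list(csv.DictReader(io.StringIO(export_text)))
    for row in rows:
        row["_sample"] = datetime.strptime(row["Sample Time"], TS_FORMAT)

    # Sort by timestamp within each host and monitored item.
    rows.sort(key=lambda r: (r["Host"], r["Monitored Item"], r["_sample"]))

    previous = {}  # (host, item) -> last-modified value of the prior sample
    changed = []
    for row in rows:
        key = (row["Host"], row["Monitored Item"])
        differs = key in previous and previous[key] != row["Last Modified"]
        previous[key] = row["Last Modified"]
        # Apply the time window only to what is reported, so that a sample
        # just before the window still serves as the comparison baseline.
        in_window = (start is None or row["_sample"] >= start) and \
                    (end is None or row["_sample"] <= end)
        if differs and in_window:
            changed.append((row["Host"], row["Monitored Item"], row["Sample Time"]))
    return changed


if __name__ == "__main__":
    for host, item, sample_time in rows_with_changes(SAMPLE_EXPORT):
        print(f"{host} {item}: open the row sampled at {sample_time}")
```

The first sample of each monitored item in the export has no earlier sample to compare against, so it is never reported.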

For more information about the content of the reports, see: http://www-01.ibm.com/support/docview.wss?uid=swg21670604


Document Information

Modified date:
16 June 2018

UID

swg22016700