IBM Support

How do I configure Guardium to accept non-standard character sets?

Question & Answer


Question

When I use non-standard characters on my database, Guardium is incorrectly capturing the information. How do I resolve this?

Cause

You may see various issues in the Guardium system caused by using specific character sets. Most commonly this will be seen in a incomplete SQL statement, however this applies to any information that uses non-standard characters (Such as a Username, Database name...).

Answer

There are 2 configuration settings that need to be implemented:

1. Adding an Analyzer Rule to the Sniffer:


    1. Run the command "store gdm_analyzer_rule new" in the CLI.

    2. Enter a rule name (Eg. Language Char Set 1)

    3. Set rule type to 2 (Set alternate character set)

    4. Select the DB protocol from the given list (1-11).

    5. You can optionally add IP, IP Masking and Service name parameters to restrict the rule.

    6. Enter desired character set

    7. Run the command "restart inspection-core"


      For example:
      vmguard13.hursley.ibm.com> store gdm_analyzer_rule new
      Please enter rule description:  Croatian Char Set 1

      Rule type:
              1. Change source program
              2. Set alternate character set
              3. Send verdict
              4. HADOOP exclude

      Please select rule type (required):  2

      Database protocol:
              1.  INFORMIX sqlexec
              2.  IBM Iseries
              3.  MS SQL NAMED PIPES
              4.  PostgreSQL
              5.  Oracle
              6.  MYSQL
              7.  MS SQL Server
              8.  SYBASE
              9.  Netezza
              10.  SYBASE ANYWHERE (IQ)
              11.  TeraData

      Please select DB protocol (required):  5
      Please enter server IP (optional):
      Please enter server IP mask (optional. Default to 255.255.255.255):
      Please enter service name (optional):
      Please enter pattern (required):  force=146
      Do you want to activate the rule now? (Yes/No)
      ok
      vmguard13.hursley.ibm.com> restart inspection-core
      Restarting inspection-core
      ok

2. Adding an Extrusion Rule to the Policy:

    1. Navigate to GUI -> Tools -> Config & Control -> Policy

    2. Select the policy you intend to use, then Modify -> Edit Rules... -> Add Extrusion Rule...

    3. Set "Data Pattern" to "guardium://char_set?hint=1234" (Where 1234 is your desired character set). See character set reference in the related information.

    4. Add an Action to "SET CHARACTER SET"


      For example:

Related Information

Charater set reference

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Central Manager and Aggregator","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"8.2;9.0;9.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21697629

Page Feedback