IBM Support

IBM Security Guardium: There is traffic but Sessions List report is empty, if Data level security filtering option is Enabled

Troubleshooting


Problem

Data level security filtering option is enabled in Global Profile. The appliance is collecting traffic however Sesions List built-in report is empty, it brings no results.

Symptom

You know appliance is collecting traffic however Sessions List report (and all other traffic reports) are empty.

Cause

Data level security filtering option is Enabled under Global Profile but you have not configured Data level security on this appliance thus, it should not be enabled in Global Profile.

Note: There are many reasons why a report can be empty. The intention of this Technote is not to cover all of them but to concentrate in the case when Data-level security is enabled.

Diagnosing The Problem

1.- Confirm that Sessions List built-in report brings no results.

2.- Confirm the appliance is receiving traffic. You can use a combination of below methods to do this:

- run iptraf cli command and check if the appliance is receiving tcp/ip packets from the STAPs.

- run the Buffer Usage Monitor Report and check if traffic is being logged to mysql. If number in field Logger Total increases it means it is logging sessions. You can also use other fields from this report. Refer to Self Monitoring link in the Related URL section for more details on this report.


3.- Confirm that Data level Security is Enabled(Green) under Setup > Tools and Views > Global Profile


Resolving The Problem

Do one of the following to resolve the issue:


- If you do not use data-level access security in your appliance: Disable Data level Security under Setup > Tools and Views > Global Profile. Steps:

1) Navigate to

2) click the Disable button to the right of option Data level security filtering

3) Verify it is Disabled (color changs to red and the button to the right reads "Enable")

4) Apply the changes



or


- if you use data-level access security on this appliance, make sure the logged user running the report has been granted access


or


- add an exemption for the logged in user by adding the user to the datasec-exempt role (in Access Management).

When you add the user to the datasec-exempt role, next time you run the report, a check box labeled "show All" will be shown in the GUI viewer (report). Check this checkbox and all the records will be shown (no filter will be applied). In other words, the user with datasec-exempt role can see all the rows from the report (as if there was no data level security).

Refer to Data Security - User Hierarchy and Database Associations in the Related URL section for more information on Data level Security in the documentation.

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Database Activity Monitor","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.0;10.0.1;10.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21987813

Page Feedback