Troubleshooting
Problem
Unable to delete several duplicate Detail Exceptions on several Assessments.
When you select the minus "-" icon, the count goes down until the page refreshes then shows the original count.
To repeat:
Run assessment
View results
Select assessment name link
Select create test details exception
Observe: the # of exceptions (total 5 in my case)
Select an exception from the list
Select the - "minus" icon
Observe: the total count decreases to 4 then goes back to 5
5 exceptions remain.
Run assessment
View results
Select assessment name link
Select create test details exception
Observe: the # of exceptions (total 5 in my case)
Select an exception from the list
Select the - "minus" icon
Observe: the total count decreases to 4 then goes back to 5
5 exceptions remain.
Resolving The Problem
This behavior is correct and working by design.
Guardium does not test detail exceptions but expires those by the expiration date. It's the same with update.
Guardium expires existing records and create a new record on update event.
Both are done for Auditing purposes
Guardium expires existing records and create a new record on update event.
Both are done for Auditing purposes
NOTE: EXPIRED TEST DETAIL EXCEPTIONS DO GET PURGED
The purge is set by default to 30 days after the expiration and it can be changed via CLI:
show purge objects age
92 30 DAY Central Management Test Detail Exceptions
93 30 DAY Central Management Test Exceptions
93 30 DAY Central Management Test Exceptions
Example:
To change "Central Management Test Detail Exceptions" from purge in 30 days to purge in 15 days.
store purge object age 92 15
ok
show purge objects age
ok
show purge objects age
92 15 DAY Central Management Test Detail Exceptions
93 30 DAY Central Management Test Exceptions
93 30 DAY Central Management Test Exceptions
If you want to remove all the expired exceptions quickly, this can be done by modifying the purge interval for those exceptions.
NOTE: DO NOT SET THE PURGE OBJECT AGE TO ZERO, OTHERWISE THE SETTING WILL NO LONGER BE ABLE TO BE MODIFIED FROM THE CLI. ROOT ACCESS INTO MYSQL WILL BE NEEDED TO RESET THE OBJECT.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z000000Gp0RAAS","label":"VULNERABILITY ASSESSMENT"}],"ARM Case Number":"TS012310246","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
09 August 2023
UID
ibm17024960