Hello Seniors,  Greetings!

I need some help to get assistance on Guardium Data Marts. Actually, I have a Non-Selective Policy Installed & I would like to send all the audited data to the Splunk solution, However, I don't want to use Audit Jobs OR Syslog configuration here, rather, want to utilize Guardium Data Marts. earlier, there was direct integration within Guardium to Splunk under Guardium Apps. Now, it has been removed. So, wanted to check any other methods to achieve this. your guidance would be really appreciated.  Thank you!

I have a similar issue. I was using the SonarG interface rather than the Splunk one, but I needed a replacement. For what I see in V12, there are 2 types of process to generate and populate Datamart. A standard one , for example Full SQL and several versions for GI, v1 to v5 and for Coll and Aggs. However, checking them, they ALL limit themselves to 10 data/columns, which is quite strange since Guardium has probably a few hundreds data. But when I trie to generate a query to use on a Datamart of mine to get more than 10 columns, I got the bad surprise of being told the number of columns is (severely) limited . See the message I get : https://docs.google.com/drawings/d/1tpdqeRJD54vvNr50Sbw-RRJjplhftJRJF1u_VIXcfow/edit?usp=sharing 

If confirmed, this limitation is a sever blow, as I don't see how GI can do anything by receiving just 10 data.