IBM Guardium

  • 1.  STAP Verification failure

    Posted Tue February 22, 2022 07:29 AM
    Hi,
    I have IBM Guardium standalone version
    Build: 11.0
    Release: 11.4.0_r111112_v11_4_1-el79-20210904_1954
    DB server is Oracle Linux 8.5
    DB is Oracle 12c
    Have installed GIM and configured STAP
    Got the following error: PROBLEM: S-TAP verification completed. The S-TAP is not monitoring network database traffic
    1 failed checks:
    - checks: detected a client IP/Mask (::/0) that may prevent s-tap from processing the verification request
    - action: check the online help for the definition of Client IP/Masks

    5 successful checks:
    - sniffer is running
    - S-TAP Host x.y.z.t is reachable
    - There are no exclude IP masks defined that could prevent the verification request from being captured
    - S-TAP Host x.y.z.t is active
    - Load balancing is not impacting verification. Parameter 'PARTICIPATE_IN_LOAD_BALANCING' is set to 0

    Thanks for your help/support.
    Best regards


    ------------------------------
    Tsilavo Andriamialison
    ------------------------------


  • 2.  RE: STAP Verification failure

    Posted Tue February 22, 2022 08:15 AM
    Hi,

    Just check whether you are able to log the DB commands after installing the monitoring policy.
    If everything is fine, ignore STAP verification. It doesn't matter.

    Thanks,
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------



  • 3.  RE: STAP Verification failure

    Posted Fri February 25, 2022 01:44 AM
    We also have S-TAP status amber and red: is it OK to start monitoring with that status?
    If not, what are the steps to do?

    [Attached screenshot: stap status]




    ------------------------------
    Tsilavo Andriamialison
    ------------------------------



  • 4.  RE: STAP Verification failure

    Posted Mon February 28, 2022 10:33 AM
    Edited by PHANENDRA RAO CHAVANA Mon February 28, 2022 10:33 AM
    Hi,

    Upgrade to the latest version of GIM & STAP with the S-TAP parameters below.

    For Windows:
    STAP_Enabled - 1
    SQL_Guard_IP - 1.1.1.1 (1.1.1.1 is the collector IP, for instance).

    For Linux:
    STAP_ENABLED - 1
    KTAP_ENABLED - 1
    KTAP_LIVE_UPDATE - Y
    KTAP_ALLOW_MODULE_COMBOS - Y
    SQL_Guard_IP - 1.1.1.1 (1.1.1.1 is the collector IP, for instance).

    Thanks,
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------



  • 5.  RE: STAP Verification failure

    Posted Mon March 07, 2022 09:06 AM
    Does LIVE_UPDATE mean Guardium and/or the DB server need to connect to the internet?

    ------------------------------
    Tsilavo Andriamialison
    ------------------------------



  • 6.  RE: STAP Verification failure

    Posted Mon March 07, 2022 09:54 AM
    Hi @Tsilavo Andriamialison:

    LIVE_UPDATE does not require access to the internet. It's simply a flag that enables K-TAP update without requiring a server reboot. Default=Y. Linux-UNIX: S-TAP GIM installation parameters - IBM Documentation

    ------------------------------
    Wendy
    ------------------------------



  • 7.  RE: STAP Verification failure

    Posted Tue March 08, 2022 03:43 AM
    Hi,
    After the upgrade, we got the following error now:
    LOG_CONF_ERR
    MSG(819) MODULE(1) SEV(6) COUNT(1) CONF_ERROR: IPC reader failed to initialize Opening pseudo device /dev/guard_ktap No such file or directory,will check if ktap is loaded every 15 minutes, ktap_install is set to 0, no data will be captured from KTAP

    Do you have any advice?
    Thanks



    ------------------------------
    Tsilavo Andriamialison
    ------------------------------



  • 8.  RE: STAP Verification failure

    Posted Tue March 08, 2022 08:17 AM
    Hi @Tsilavo Andriamialison,

    It is the behavior of the S-TAP to change the ktap_install parameter to 0 when the K-TAP doesn't contain a module that matches your kernel version, so the first step I would take is to determine if the S-TAP bundle you are using has a compatible K-TAP.

    Here's a link to the knowledge article on it: Linux-UNIX: Requesting a K-TAP module - IBM Documentation

    ------------------------------
    Wendy
    ------------------------------
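
    A first-pass check for the CONF_ERROR discussed in posts 7 and 8, added here as an example; it is not part of the thread and not IBM code. It reports the running kernel, whether the `/dev/guard_ktap` device named in the error exists, and whether any kernel module is loaded. Assumptions: the loaded K-TAP module has "ktap" in its name, and the optional S-TAP log path is supplied by the caller.

```sh
#!/bin/sh
# Added example (not IBM code): triage for the K-TAP error in this thread.
# Assumption: the loaded K-TAP kernel module has "ktap" in its name.

# ktap_state DEVICE MODULES_FILE
# Prints one of: ok | module-loaded-no-device | module-not-loaded
ktap_state() {
    dev=$1
    modules=$2
    if [ -e "$dev" ]; then
        echo ok
    elif grep -qi 'ktap' "$modules" 2>/dev/null; then
        echo module-loaded-no-device
    else
        echo module-not-loaded
    fi
}

# log_reports_ktap_disabled LOGFILE
# Succeeds when the log contains the CONF_ERROR quoted in post 7.
log_reports_ktap_disabled() {
    grep -q 'CONF_ERROR:.*ktap_install is set to 0' "$1" 2>/dev/null
}

# ktap_report [DEVICE] [MODULES_FILE] [STAP_LOG]
# The kernel release is what a K-TAP module has to match (post 8).
ktap_report() {
    state=$(ktap_state "${1:-/dev/guard_ktap}" "${2:-/proc/modules}")
    echo "running kernel: $(uname -r)"
    echo "k-tap state:    $state"
    if [ -n "${3:-}" ] && log_reports_ktap_disabled "$3"; then
        echo "s-tap log:      ktap_install was set to 0"
    fi
    return 0
}

ktap_report "$@"
```

    A state of `module-not-loaded` together with the log message is the situation post 8 describes; the kernel release printed is the value to compare against the modules shipped in the S-TAP bundle.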



  • 9.  RE: STAP Verification failure

    Posted Fri March 18, 2022 05:57 AM
    We solved the issue by reinstalling all modules and bundles: GIM, STAP, ...
    However, here is another issue related to the same standalone Guardium appliance:
    We have another DB server with the following:
    DB = PostgreSQL 14
    All KTAP and STAP statuses are OK now.
    What is the meaning of Traffic being flagged not green, as per the screenshot below? We got the same with PostgreSQL 10.17:



    ------------------------------
    Tsilavo Andriamialison
    ------------------------------