Wishing a great day to the experts and engineers at IBM.
I am currently using Guardium with the GIM and STAP agents installed on the DB server, and the firewall mode is enabled.
Policies designed to block specific commands or access to sensitive tables are successfully being terminated. However, I need to configure a policy that blocks queries based on the number of records retrieved per query, according to our company’s policy — but this is not working as expected.
(I have already enabled the 'Log Records Affected' option in the inspection engine on the Collector.)
The attached screenshot shows the configuration for limiting 100 records per query with the action set to terminate, but when using a SELECT * ... LIMIT 100 query, it is not being blocked.