Hi Rao,
Thank you for your input!
As you know all my machines are running on premises.
I have used this script:
./container_mgmt.sh \
--ni \
--c \
--svc-image store/ibmcorp/guardium_external_s-tap:v11.2.0.137 \
--repo-user rizwanjoo1 \
--repo-pass MyDesire.1 \
--svc-host 192.168.12.128 \
--svc-host-user ubuntu \
--svc-container-num 2 \
--db-host 192.168.12.129 \
--db-type db2 \
--db-port 50000 \
--sqlguard-ip 192.168.12.130 \
--state-file cluster.state
So now i should connect to db2 machine using port 32768 and Host ip of External STAP i.e 192.168.12.128??
Best Regards,
Rizwan
------------------------------
Rizwan Ali
------------------------------
Original Message:
Sent: Fri July 02, 2021 02:15 AM
From: PHANENDRA RAO CHAVANA
Subject: External S-TAP is not logging On-Premises DB Traffic
HI Rizwan,
Please connect the linux machine while you try to connect the database. This Linux machine will act as proxy between database and guardium.
See below screenshot, if you have mentioned port while you run script, you need to connect with the same port and external stap machine IP.
If port is not mentioned in the script you ran I think it runs on 32768 port. Just connect external stap ip and 32768.
sample : mysql -h 10.0.0.150 -p 32768 - (10.0.0.150 is the external stap IP).
Let me know if it works
Thanks,
Panendar Rao.C
------------------------------
PHANENDRA RAO CHAVANA
Original Message:
Sent: Wed June 30, 2021 01:47 PM
From: RICHARD JERRELL
Subject: External S-TAP is not logging On-Premises DB Traffic
External S-TAP inspects traffic that is routed through it. After deployment, it is necessary to either configure the database client to explicitly connect to the External S-TAP deployment, or use DNS changes to transparently send new client connections through the External S-TAP deployment. If there is any doubt about whether or not a connection is routed through External S-TAP, the containers include netstat and you can check to see what connections are currently open inside of it.
------------------------------
RICHARD JERRELL
Original Message:
Sent: Mon June 21, 2021 04:55 AM
From: Rizwan Ali
Subject: External S-TAP is not logging On-Premises DB Traffic
Hi Folks,
I have created a Demo for External S-TAP using manual Docker deployment.
Environment Details: Collector v11.1, RedHat Linux V5.8 running DB2 V10.5, Ubuntu v18 running Dockers External S-TAP 1 Container without Load Balancer.
So, after deployment of External S-TAP Container on Docker i am able to see entry and green status in Collector but when i perform some activity in DB2 Database i am unable to see any logs in Guardium and i am unable to track where is the issue.
Any suggestion for resolving this will be helpful.
Thanks in Advance!
Best Regards,
Rizwan
------------------------------
Rizwan Ali
------------------------------