Global Security Forum

 View Only
  • 1.  Logs from STAP

    Posted Tue May 31, 2022 01:46 AM
    Edited by sathya Janakiraman Tue May 31, 2022 01:59 AM
    Hi,

    We have installed the S-TAP agent in the Windows DB server
    The status of the S-TAP agent is showing as active and also we have not executed any commands on the database (For a specific day) In this scenario, still should we be able to get any alerts if no traffic comes via STAP  for a specific duration even though STAP is active and no commands executed?

    ------------------------------
    sathya Janakiraman
    ------------------------------


  • 2.  RE: Logs from STAP

    InnerCircle
    Posted Wed June 01, 2022 02:50 AM
    By default there will be no alert, and everywhere you will see "green".
    To get this kind of alert you need enable it manually in Alert Builder "No Traffic: No Traffic alert"

    ------------------------------
    Miroslaw Heimrath
    ------------------------------