IBM Security Guardium

 View Only

Query Rewrite

  • 1.  Query Rewrite

    Posted Thu September 21, 2023 04:07 PM
      |   view attached

    Hi Team,

    I am facing some issues with the Query Rewrite in Guardium ver 11.5.

    I followed the IBM link v11.5 to be able to create a simple policy to test a query, however, I am not able to do so.

    These are the steps that i executed:-

    1. Query rewrite definition successfully created, parsed, tested but when policy is applied, i am not able to see any results.

    2. After 30 minutes, the definition test cannot be performed until Guardium is restarted - which is strange

    3. Test was reproduced with snapshots attached in this thread.

    For the policy, i created 4 rules:

    1. Query Rewrite + only session criteria = privileged users in a group + continue to next rule
    2. Query Rewrite Apply definition + field in sensitive group + command in DML group
    3. Query rewrite detach  + object in sensitive group + continue to next rule
    4. Log all rewrite

    If you can also help with the rules flow if it is good.



    koonjul khemraj


    Query_definition.docx   299 KB 1 version