IBM Security Guardium

Hello Seniors, Hope all is well.

I am trying to Redact(Mask) a string/value using Guardium Extrusion Rules , for MS SQL Server. However, Values are getting masked in the Policy Violation Report(Log Only). But, on actual client tool which is "MICROSOFT SQL SERVER MANAGEMENT STUDIO" it is not getting masked. 

Please note that, I have referred below two technotes and followed the guide . Even, I have tried to Attach Session by enabling Firewall. still , no luck. Can anyone guide me on this please. 

REDACT - regex with '{' does not work on Windows DB Server

 IBM Security Guardium: the REDACT action does not work with regular expressions that include curly braces ("{" y "}") when applied to database servers on Microsoft Windows

Hi Akash,

If you've never seen expected result, I'd suggest to check the settings first. Did you check Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, Manage > Activity Monitoring > Inspection Engines before using REDACT function?

If you're seeing expected result without your own regex, could you please show us the regex that you're using and the data that you're expecting to be masked, and the data type (e.g. NVARCHAR(100))? This could be a sensitive information, then I'd suggest to open a support ticket, then we can review your data and configuration in our secure environment.

Thanks,
Satoshi

Hello Seniors, Hope all is well.

I am trying to Redact(Mask) a string/value using Guardium Extrusion Rules , for MS SQL Server. However, Values are getting masked in the Policy Violation Report(Log Only). But, on actual client tool which is "MICROSOFT SQL SERVER MANAGEMENT STUDIO" it is not getting masked. 

Please note that, I have referred below two technotes and followed the guide . Even, I have tried to Attach Session by enabling Firewall. still , no luck. Can anyone guide me on this please. 

REDACT - regex with '{' does not work on Windows DB Server

 IBM Security Guardium: the REDACT action does not work with regular expressions that include curly braces ("{" y "}") when applied to database servers on Microsoft Windows

Hi Satoshi,

Thank you for the response.  Below items are already done.

Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, - even restarted Sniffer from CLI.

Regarding your second query - data type is = char(20) & the actual value is 000017-AED-0086-51

I have used multiple regex but no luck. For example,

0\d\d\d\d\d-([A-Z][A-Z][A-Z]|[a-z][a-z][a-z])-\d\d\d\d-\d\d

([0-9][0-9][0-9][0-9][0-9][0-9])[-]([A-Z][A-Z][A-Z])[-]([0-9][0-9][0-9][0-9])[-]([0-9][0-9])

([0-9][0-9][0-9][0-9])[0-9][0-9]

Hi Akash,

If you've never seen expected result, I'd suggest to check the settings first. Did you check Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, Manage > Activity Monitoring > Inspection Engines before using REDACT function?

If you're seeing expected result without your own regex, could you please show us the regex that you're using and the data that you're expecting to be masked, and the data type (e.g. NVARCHAR(100))? This could be a sensitive information, then I'd suggest to open a support ticket, then we can review your data and configuration in our secure environment.

Thanks,
Satoshi

Hello Seniors, Hope all is well.

I am trying to Redact(Mask) a string/value using Guardium Extrusion Rules , for MS SQL Server. However, Values are getting masked in the Policy Violation Report(Log Only). But, on actual client tool which is "MICROSOFT SQL SERVER MANAGEMENT STUDIO" it is not getting masked. 

Please note that, I have referred below two technotes and followed the guide . Even, I have tried to Attach Session by enabling Firewall. still , no luck. Can anyone guide me on this please. 

REDACT - regex with '{' does not work on Windows DB Server

 IBM Security Guardium: the REDACT action does not work with regular expressions that include curly braces ("{" y "}") when applied to database servers on Microsoft Windows

Hi Akash,

I have created a table on MS SQL Server that has a char(20) column, and installed a policy that replaces the first 4 digits to asterisk (*) when 6 digits number is found. I mean, I used REDAT with regex "([0-9][0-9][0-9][0-9])[0-9][0-9]". Everything worked fine.

What I ran is here:

create table table0919 (col1 char(20), col2 char(10))
insert into table0919 values ('qazwsxedcrqazwsxedcr', '1q1q1q1q1q')
insert into table0919 values ('000017-AED-0086-51XX', 'abcabcabca')
select * from table0919

Here is the response:

col1                 col2
-------------------- ----------
qazwsxedcrqazwsxedcr 1q1q1q1q1q
****17-AED-0086-51XX abcabcabca

I do not know why it's not working in your environment. Could you please open a support ticket? Then support engineers will review your environment and should be able to find what's missing.

Thanks,
Satoshi

Hi Satoshi,

Thank you for the response.  Below items are already done.

Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, - even restarted Sniffer from CLI.

Regarding your second query - data type is = char(20) & the actual value is 000017-AED-0086-51

I have used multiple regex but no luck. For example,

0\d\d\d\d\d-([A-Z][A-Z][A-Z]|[a-z][a-z][a-z])-\d\d\d\d-\d\d

([0-9][0-9][0-9][0-9][0-9][0-9])[-]([A-Z][A-Z][A-Z])[-]([0-9][0-9][0-9][0-9])[-]([0-9][0-9])

([0-9][0-9][0-9][0-9])[0-9][0-9]

Hi Akash,

If you've never seen expected result, I'd suggest to check the settings first. Did you check Inspect Returned Data and press Restart Inspection Engine from Guardium GUI, Manage > Activity Monitoring > Inspection Engines before using REDACT function?

If you're seeing expected result without your own regex, could you please show us the regex that you're using and the data that you're expecting to be masked, and the data type (e.g. NVARCHAR(100))? This could be a sensitive information, then I'd suggest to open a support ticket, then we can review your data and configuration in our secure environment.

Thanks,
Satoshi

Hello Seniors, Hope all is well.

I am trying to Redact(Mask) a string/value using Guardium Extrusion Rules , for MS SQL Server. However, Values are getting masked in the Policy Violation Report(Log Only). But, on actual client tool which is "MICROSOFT SQL SERVER MANAGEMENT STUDIO" it is not getting masked. 

Please note that, I have referred below two technotes and followed the guide . Even, I have tried to Attach Session by enabling Firewall. still , no luck. Can anyone guide me on this please. 

REDACT - regex with '{' does not work on Windows DB Server

 IBM Security Guardium: the REDACT action does not work with regular expressions that include curly braces ("{" y "}") when applied to database servers on Microsoft Windows