IBM Security Guardium

 View Only
  • 1.  Automatic Scheduled Reports for Guardium Health status

    Posted Tue May 10, 2022 02:29 AM
    Hi Everyone,

    Need urgent help.
    I need to automate the below process in single or separate reports.
    Daily Taking report manually by logging to each Collector, Aggregators.

    Need scheduled report on daily basis for below items with respect to the Guardium Server IP address:
    Is it possible to get it?

    • Disk Size,
    • S-TAP status (collectors),
    • GIM status (CM),
    • Sniffer status,
    • Archive status (Collectors),
    • Data Import (all Aggregators)
    Thanks,
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------


  • 2.  RE: Automatic Scheduled Reports for Guardium Health status

    Posted Wed May 11, 2022 03:34 AM
    In version 11.2:
    Step 1: Prepare reports working on collector
    Step 2: Functoriality Distributed Report Builder (based on report from Step 1). To execute report on whole env
    Step 3: Alert Builder for scheduled process and indicate reviewers
               Disk Size,-> Entity Sniffer Buffer Usage
    • S-TAP status (collectors), -> Entity: S-TAp Info
    • GIM status (CM), -> GIM Clients
    • Sniffer status, ?
    • Archive status (Collectors), Entity: Agg/Archive Log
    • Data Import (all Aggregators) Entity: Agg/Archive Log


    ------------------------------
    Miroslaw Heimrath
    ------------------------------



  • 3.  RE: Automatic Scheduled Reports for Guardium Health status

    Posted Wed May 11, 2022 10:37 AM
    Hi Panendar,

    The options I see and we use here at my corporation: 

    1. For the information/reports you need from the collectors, as Miroslaw shared, in most cases you can just create a Distributed Report from the CM.
    2. There are also alerts that if you setup it will come from the respective appliance it's alerting for (E.g., if there is any disk space consumption alerts, any of the regular jobs Data Archive, Data Import, ... that failed, etc).
    3. You also have the Dashboards (Health ones in particular) from the CM you can check the overall health of the environment to the managed units within the same architecture.
    4. You have the flexibility to create a Dashboard in Guardium and combine different reports/charts you wish to see into the same screen/dashboard.
    4.1 Another option but not desirable is to create your own dashboard (out of Guardium) where you combine the information/reports you wish to look as a HC on a daily basis. We've got this one created here but you may need someone that knows programming and it may require some maintenance.

    I hope that helps.

    Regards,
    -Felipe


    ------------------------------
    Felipe Boff
    ------------------------------



  • 4.  RE: Automatic Scheduled Reports for Guardium Health status

    Posted Wed May 11, 2022 10:43 AM
    There are quite a few views already built in at the Central Manager.
    Go to Manage > System View and look through the ones delivered. 
    S-TAP and GIM Dashboard was one of my favorites as well as the the Deployment Health Table.
    If you click on the top right sliders you can adjust the settings you are interested in (or not) as well as time traffic time period and exclusion list.

    ------------------------------
    Jennifer Dodson
    ------------------------------