Accessmgr account unlock / reset
Log in to the CLI and run the following command: support reset-password accessmgr<N>|random.
You can use <N> or random where <N> is a number in the range of 10000000 – 99999999. Random automatically generates a number in the range of 10000000 – 99999999. Open a PMR with IBM Guardium support and send the following output.
G10.ibm.com> support reset-password accessmgr random Password for accessmgr account have been successfully reset using keyword:<passkey> Please provide these number to Guardium Customer Service to receive actual account password. ok
After you receive the new password, unlock the account.
- Use the following command to unlock the account. unlock accessmgr.
- Log in as accessmgr and edit the accessmgr details to enter a temporary password.
- Log in again with the temporary password.
- When you are prompted, enter a new password.
Unlock
login as: cli Pre-authentication banner message from server: IBM Guardium, Command Line Interface (CLI) End of banner message from server [email protected]'s password: Last login: Fri Nov 1 01:30:01 2019 Welcome cli - your last login was Wed Sep 11 01:30:03 2019 Your password has expired. Changing password for 'cli'. Enter current password: Enter new password: Re-enter new password: 51sec-igcm01.itprosec.org> unlock accessmgr ok 51sec-igcm01.itprosec.org>
Query Builder
Key Concepts:
- Domain – a set of tables that is linked based on the purpose or function of the information in those tables
- Access Domain – Tables related to access of data on a monitored database
- Policy Violation domain – Tables related to policy violation events as defined by the policy
- Aggregation/Archive Domain – Tables related to aggregation processes running on the appliance
- Entity – a label for one table within a domain
- Attributes – one field within an entity
- Main Entity – the entity that is the focus of the query. That will be one row in the report for each row in the table corresponding to the main entity.
Tips for creating a useful Query:
- “Access Rule Description” attribute
- Fill SQL Entity -> Access Rule Description
- Policy violations Domain -> Policy Rule Violation Entity -> Access Rule Description
- “Session Ignored” attribute
- Session Entity -> Session Ignored
- Export to CSV and filter from there
- useful with many results
- Predefined queries
- Search in the main entity for predefined queries
- Clone existing queries
Troubleshooting Commands
itprosec-tor-igcm01.51sec.org> support show db-top-tables all
Table Size (M) | I/D % | Unused(M) | Est. Rows | Name
-------------- | ----- | --------- | --------- | ----------
17431 | 5 | 0 | 28875494 | MESSAGE_TEXT
10399 | 22 | 0 | 28875459 | GDM_POLICY_VIOLATIONS_LOG
9520 | 32 | 0 | 34402643 | GDM_CONSTRUCT_TEXT
4169 | 56 | 0 | 28875476 | MESSAGE
682 | 87 | 65 | 2523707 | GDM_FIELD
564 | 140 | 0 | 2284882 | GDM_CONSTRUCT_INSTANCE
248 | 57 | 0 | 678447 | GDM_SESSION
166 | 162 | 9 | 495964 | GDM_OBJECT
145 | 40 | 0 | 512957 | GDM_EXCEPTION
125 | 17 | 18 | 231925 | GDM_CONSTRUCT
114 | 59 | 12 | 648703 | GDM_SENTENCE
55 | 48 | 0 | 491064 | GDM_APP_EVENT
34 | 0 | 6 | 1825 | TEST_RESULT
24 | 116 | 0 | 187677 | MASTER_GROUP_MEMBERS
19 | 0 | 0 | 104519 | DB_MAINT_LOG
16 | 70 | 0 | 179925 | MEMBERS_REFERENCE
14 | 6 | 4 | 11984 | REPORT_RESULT_DATA_ROW
9 | 19 | 0 | 65494 | DB_ERROR_TEXT
9 | 63 | 2 | 78140 | GROUP_MEMBER
7 | 0 | 4 | 20288 | SNIFFER_BUFFER_USAGE
No tables with more than 80% of free space used found.
ok