Fortinet black logo

Handbook (HTML)

Home FortiDB 5.1.14 Handbook (HTML)
5.1.14
5.1.14
5.1.13
5.1.12
5.1.11
5.1.10
5.1.9
5.1.8
5.1.7
5.1.6
5.1.5
5.1.2
5.1.1
5.0.0

Automatically generating alert policies

Automatically generating alert policies

You can use the Start Generate Alert Policies option to automatically create table, session, and user policies for Oracle and Microsoft SQL Server target databases. The policies work with all the collection methods that are available for these database types.

When you activate the option, FortiDB starts to track target database activity. When you stop the option, FortiDB analyzes the information it has gathered. It considers the activity it observed during the monitoring period to be normal activity and generates policies that are appropriate for the target.

The Start Generate Alert Policies option creates a DAM Alert policy group that has the same name as the target database. You can manage and modify these policies and policy groups the same way you manage other used-defined policies.

The names of the user and session policies in the group use the following format:

<target name>_<username>_<policy type>

where <policy type> is UserDataPolicy or SessionPolicy.

The table policies use the following format:

<target name>_<username>_TableDataPolicy_<monitored objects>

where <monitored objects> is either inclusive or exclusive. If the policy name contains inclusive, the policy monitors the objects that are specified under Audit Settings. For exclusive, the policy monitors all objects except those specified under Audit Settings.

Because it monitors all users and tables, the generation process can affect the performance of the monitored database.

To automatically generate data policies
  1. Go to DB Activity Monitoring < Monitoring Management, and then click a target name.
  2. On the General tab, click Start Generate Alert Policies.
  3. After FortiDB has monitored the target for an appropriate length of time, click Stop Generate Alert Policies.
  4. To view the generated policies, go to Policy < DAM Alert Policy Groups.
See also
Previous
Next

Automatically generating alert policies

You can use the Start Generate Alert Policies option to automatically create table, session, and user policies for Oracle and Microsoft SQL Server target databases. The policies work with all the collection methods that are available for these database types.

When you activate the option, FortiDB starts to track target database activity. When you stop the option, FortiDB analyzes the information it has gathered. It considers the activity it observed during the monitoring period to be normal activity and generates policies that are appropriate for the target.

The Start Generate Alert Policies option creates a DAM Alert policy group that has the same name as the target database. You can manage and modify these policies and policy groups the same way you manage other used-defined policies.

The names of the user and session policies in the group use the following format:

<target name>_<username>_<policy type>

where <policy type> is UserDataPolicy or SessionPolicy.

The table policies use the following format:

<target name>_<username>_TableDataPolicy_<monitored objects>

where <monitored objects> is either inclusive or exclusive. If the policy name contains inclusive, the policy monitors the objects that are specified under Audit Settings. For exclusive, the policy monitors all objects except those specified under Audit Settings.

Because it monitors all users and tables, the generation process can affect the performance of the monitored database.

To automatically generate data policies
  1. Go to DB Activity Monitoring < Monitoring Management, and then click a target name.
  2. On the General tab, click Start Generate Alert Policies.
  3. After FortiDB has monitored the target for an appropriate length of time, click Stop Generate Alert Policies.
  4. To view the generated policies, go to Policy < DAM Alert Policy Groups.
See also
Previous
Next