Imperva Cyber Community

 View Only
  • 1.  DAM Violation-Extremely Long SQL Request

    Posted 08-30-2021 08:20
    ​​Dear Team,

    I am receiving daily "extremely long SQL request " alert in DAM console. I have confirmed  source and destination, user are legitimate for the event with the help of application owner. And after that I have whitelisted the source IP and user name in policy.

    But still I am getting the same violations on console, from same source and user. Is there any alternate way to whitelisting this query or alert.

    Thanks & Regards,
    Bachchulal Varma

    Bachchulal varma
    Inspira enterprise pvt ltd

  • 2.  RE: DAM Violation-Extremely Long SQL Request

    Posted 08-31-2021 10:28

    you have three options:
    1. tune the policy - add an exception
    2. on a server group level - add restricsion  in Ignore IP
    3. turn off this policy for all DB services.

    In my opinion - 3th is the best.

    Karol Gruszczynski