Imperva Cyber Community

  • 1.  Some query related user role and particular alert.

    Posted 10 days ago
    Hi, i am looking for below some query. Kindly let me know if it is possible .
    1.  Restriction of server group audit data view on "DB audit data" page on user base. i.e. "MIS_Ristricted" user should view only "MIS" server group audit log.not other server group.
    2. Customize view of "DB audit data" for "MIS_restricted" user. ie. User can able to view only "summary", "data" & Statistics" view only. Other "server analysis" and "data Access patterns" should not be visible for them
    3. I want specific privilege alert for any user which was added to "sysadmin" group.

            Query:- "alter server role [sysadmin] add member [ajay]"


    #DatabaseActivityMonitoring


  • 2.  RE: Some query related user role and particular alert.

    Posted 9 days ago
    Hi Ajay,

    I hope that I have understood you well.

    First, you must know that IMPERVA has been built based on Role-Based Access Control (RBAC). You can go on GUI to the Admin menu -> Users and Roles, and there you can create the new role for your user who should work only with MIS_Restricted logs.

    Second, you cannot customize GUI. But, I have an idea for you. You can use "DB Audit Data" to prepare your report definition. On the menu, you can find the diskette icon, and when you click on it, the report will save on Reports -> Manage Reports. You can permit users to access any specific audit report. Maybe it will be looking not very well like on GUI, but it will be something, not nothing, and the goal will be achieved by you.

    and Thirdly - I think you can do it on few method. Firest go to Setup -> Global Objects -> generic dictionary groups.

    After that please create the new security policy.




    And you have to test it. Would you please give feedback if it will be working well? If not, please write, I give you another way.







    ------------------------------
    Karol Gruszczynski
    IT SECURITY EXPERT
    Trafford IT
    Warsaw
    ------------------------------