Original Message:
Sent: 05-16-2024 08:00
From: Karol Gruszczynski
Subject: Help me about create new audit
Hi Dicky,
To create a new audit policy, go to the Policies menu -> Audit and create one.
AD1
To audit the new DB users, you should create an audit policy with the criteria "Database User Name" but exclude all known DB users. To recognize the new DB Users can help you Security SQL Profile Policy -> criteria "Unauthorized Database User".
AD2
Auditing permission changes - you have to know which SQL commands can change the permissions: GRANT, REVOKE, DENY
you should create an audit policy with the criteria "Privileges operations" and add the above commands.
AD3.
and the last one.
It is very similar to the first policy, but you should prefer a policy for all privileged users without exclusion. If users do a lot of SQL HITS, you should consider creating one policy per privileged user.
------------------------------
Karol Gruszczynski
IT Security Expert
Trafford IT Sp. z o.o.
Warszawa
Original Message:
Sent: 05-13-2024 04:09
From: Dicky a Setiono
Subject: Help me about create new audit
Hi Imperva cyber community friends, I'm want to create a new audit but i am confused about determining the appropriate match criteria for the new audit.
1. match criteria that are suitable for auditing new DB users
2. match criteria that are suitable for auditing permission changes
3. match criteria that are suitable for auditing Priviliged Account Usage
Thankyou very much
#DatabaseActivityMonitoring
------------------------------
Dicky a Setiono
Security Engineer
BANK BNI SYARIAH, PT
Jakarta
------------------------------