Imperva Cyber Community

Step 1 of onboarding assets into a DSF is enable auditing on said database. 

Once auditing is enabled, the database server logs which user connected, from where to which table , what queries etc. This log is what is parsed by the DSF and it can find out user.

Examples:

From MariaDB Audit Logging Page:

the purpose of the MariaDB Audit Plugin is to log the server's activity. For each client session, it records who connected to the server (i.e., user name and host), what queries were executed, and which tables were accessed and server variables that were changed.

You can check the how to onboard various databases to DSF and almost in all config, the first step is to enable auditing. Enabling audit can be something simple as changing a config or installing a plugin.

Thanks Sarvesh for the information. 

Is it applicable to RDS?

Step 1 of onboarding assets into a DSF is enable auditing on said database. 

Once auditing is enabled, the database server logs which user connected, from where to which table , what queries etc. This log is what is parsed by the DSF and it can find out user.

Examples:

From MariaDB Audit Logging Page:

the purpose of the MariaDB Audit Plugin is to log the server's activity. For each client session, it records who connected to the server (i.e., user name and host), what queries were executed, and which tables were accessed and server variables that were changed.

You can check the how to onboard various databases to DSF and almost in all config, the first step is to enable auditing. Enabling audit can be something simple as changing a config or installing a plugin.