Hi Joy,
Could you please arrange to provide complete details (like both Source IP and Destination IP with middle octets in masked format, OS UserName, Source Application, Source of Activity, DB User)?
Is there any filtered (in the form of Match Criteria) applied to the databases? Did you configure any Agent Monitoring Rule also?
Long back, we observed similar behaviour but because of configurations given in the KB article (https://docs.imperva.com/bundle/z-kb-articles-knowledgebase-support/page/290722706.html) which impacted other operations as well apart from RMAN activity.
Regards,
------------------------------
SBISOC 4430
Manager
Mumbai
------------------------------
Original Message:
Sent: 05-21-2025 05:19
From: Joy Ampitan
Subject: Imperva DAM Capturing Generic Account Instead of Staff Account for DB Query
A user logs in with their staff profile to execute a DB query (attached), but Imperva DAM captures a generic account instead of the staff account as the user performing the action. Has anyone encountered this issue, and how was it resolved?
#DataRiskAnalytics(formerlyCounterBreach)
#DatabaseActivityMonitoring
------------------------------
Joy Ampitan
Security Engineer
Ethnos Cyber Limited
Lagos
------------------------------