Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Monitor changes in both database and server level role

    Posted 03-06-2023 09:02

    Hello,

    I am trying to create a custom policy (using privileged operation) for monitoring changes in roles for both db groups (dbo for example) and server groups (sysadmin for example)

    I selected the operations related to alter role and alter server role but the member removal is not captured. It only shows when a new member was added.


    #DatabaseActivityMonitoring

    ------------------------------
    Polycarpos Kontogiannis
    Senior Cybersecurity engineer
    Odyssey Consultants-Cyprus
    Athens
    ------------------------------


  • 2.  RE: Monitor changes in both database and server level role

    Posted 03-08-2023 18:22

    Hi Polycarpos

    You will create a command group in the Global objects , and find the alter role and alter server role, and this command group add to the custom security policy and test the rule



    ------------------------------
    Alejandro Hernandez
    Consultant and Trainer
    Soluciones Integrales en Capacitacion SA de CV ("SICAP")
    Mexico D.F
    ------------------------------



  • 3.  RE: Monitor changes in both database and server level role

    Posted 03-09-2023 03:36

    Hello,

     

    I have already tried that but it only shows alerts for add member and not remove member

     

    Polycarpos Kontogiannis
    Expert Cybersecurity Engineer | Solutions (Gr)
    237, Mesogeion Avenue, 154 51 N. Psychiko, Athens  Greece
     T. +302106565200   E. 249
    pkontogiannis@odysseycs.com

     

    This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the
    intended recipient you must not use, disclose, distribute, copy, print or rely on this e-mail. The content of this email may contain private views and opinions, which do not constitute formal disclosure or commitment unless specifically stated.