Fortinet FortiDB Example of Chaining to a PL/SQL-based Pudr, Item Setting for Session Policy

Page 16

Chaining with Parameterized User-Defined Rules

Rule Chaining

Chaining the UBM Policy and PUDR Together

Associating a Source Rule That Can Pass parameters with a PUDR

Example of Chaining to a PL/SQL-based PUDR

In this Oracle PL/SQL kill-session example, we:

1Create a DB user, BAD_GUY, whose session we will monitor, in our Oracle target database.

Item Setting for Session Policy

	FortiDB Version 3.2 Utilities User Guide
14	15-32000-81369-20081219

Image 16

Contents Utilities User Guide FortiDB Utilities User Guide TrademarksTable of Contents Index FortiDB MA Utilities Auto Discovery Selecting Addresses for Auto-DiscoverySelecting Non-Standard Ports for Auto-Discovery Results from Auto-DiscoveryMS-SQL Discovered Database Information Populating Connection FormMS-SQL Connection Summary Connection Summary Button Connection Summary OutputRule Chaining Setting Screen Rule ChainingRule Chaining Chaining with Parameterized User-Defined Rules Parameterized User-Defined Rule Flow Diagram General Pudr StepsDisabled Parameter Checkboxes Validating the Pudr before SavingItem Setting for Session Policy Example of Chaining to a PL/SQL-based PudrPolicy Settings for Suspicious Login Time Immediate Chained-Rule Alerts UBM Session Policy and Pudr Table Columns That Could Appear in AlertsResulting Killed Session Multiple Source-Rule-Violation Behavior DB ExampleRule Chaining Setting a Timer-based Schedule Setting a Report ScheduleAlert Report Manager Deleting a Previously Set Timer Schedule Setting a Calendar-based ScheduleSetting a Timer-Based Schedule Deleting a Timer ScheduleSetting a Combined Schedule Setting a Randomized IntervalSetting a Calendar-Based Schedule Setting a Randomized IntervalReporting by Time Enabling Email RecipientsSpecifying Report Parameters ARM Reporting by Time ARM Reporting by Time Calendar Pop-upNew Report Setting Screen top New Reports MenuNew Report Setting Screen bottom Saved and Enabled Report Using the Select Checkbox to Affect Multiple ReportsActivating ARM Running and Analyzing ReportsStatus Menu Status Dialog View Reports Dropdown List on Current Reports ScreenCurrent Report Configuration Report Summary ActionChoosing Summary Report Action Summary-Action Output TypesLimitation Report Detailed ActionReport Size Archiving Reports Using This Feature Custom ReportsScheduling Custom ReportsTime-only Schedule Settings Daily Schedule Settings Monthly Schedule Settings Weekly Schedule SettingsCustomer and Company Information Company Information Dialog Report and Template Generation and ManagementCustom Reports Main Modifying Reports Adding ReportsAdding a Report Modifying a Report Deleting ReportsDeleting a Report Modifying Report Templates Report Result Generating ReportsTemplates Manager Modifying a Template Generated Html Report Example Report History Report HistoryLicensing and Administration User Administration for Custom Reports and SOX ReportsReports radio button on the User Administration screen Property Purpose Possible Values DefaultProperty Purpose Possible Values Default1 LimitationsSOX Compliance Reports SOX Reports within Custom Reports ManagerGeneral Setup Instructions Reports and AcronymsCommon Report Header Fields Report Name AcronymCobit Objectives and Setup Requirements History of Privilege Changes Report HPCReport Body Columns HPC Report SampleAbnormal or Unauthorized Changes to Data Report AUC AUC Report SampleAbnormal Use of Service Accounts Report AUS AUS Report SampleAbnormal Termination of Database Activity Report ATD ATD Report SampleSettings Dialog for the EPA Report End of Period Adjustments Report EPAEPA Report Sample Case AssumptionsVerification of Audit Settings Report VAS VAS Report SampleArchiving Reports Licensing and AdministrationReport Size Verification of Audit Settings Report VAS Index