Dear Student,
Greetings from Etraining.guru.
We provide THE BEST DB2 LUW/UDB DBA training in the Industry by THE real time expert. Our Trainer comes with 10+ years of IT working experience on open systems of project team sizes ranging from 2 to 70+.
Course Highlights:
****************
(1) 32+ hours of course content:
http://www.etraining.guru/online-training-db2-luw-udb-dba.aspx
(2) 5 free classes on Unix & Shell scripting of topics of student's interest
(3) 10 hours of Free job support. Beyond these hours, job support is provided for a nominal charge of $10/hour
(4) Course fees: $400 for working professionals; $300 for students/job seekers
(5) Class Timing: Flexible, depending upon student's requirement
(6) Email: info@etraining.guru
Please feel free to let us know if any further details needed.
Thanks,
Bhavana
www.etraining.guru
Email:info@etraining.guru
This presentation covers the basic DB2 objects description. Covers the basic administration using IBM utilities. Their complete phase wise operation and termination recoveries. Also have talked about the most frequently used DB2 catalog tables, what's the need for them in DB2. And finally have shown some SPUFI panels and their usage.
This technical paper provides the best practices for implementing the IBM Storwize V7000 Unified system NDMP backup solution using EMC NetWorker. To know more about the IBM Storwize V7000, visit http://ibm.co/TaLb6Q.
Dear Student,
Greetings from Etraining.guru.
We provide THE BEST DB2 LUW/UDB DBA training in the Industry by THE real time expert. Our Trainer comes with 10+ years of IT working experience on open systems of project team sizes ranging from 2 to 70+.
Course Highlights:
****************
(1) 32+ hours of course content:
http://www.etraining.guru/online-training-db2-luw-udb-dba.aspx
(2) 5 free classes on Unix & Shell scripting of topics of student's interest
(3) 10 hours of Free job support. Beyond these hours, job support is provided for a nominal charge of $10/hour
(4) Course fees: $400 for working professionals; $300 for students/job seekers
(5) Class Timing: Flexible, depending upon student's requirement
(6) Email: info@etraining.guru
Please feel free to let us know if any further details needed.
Thanks,
Bhavana
www.etraining.guru
Email:info@etraining.guru
This presentation covers the basic DB2 objects description. Covers the basic administration using IBM utilities. Their complete phase wise operation and termination recoveries. Also have talked about the most frequently used DB2 catalog tables, what's the need for them in DB2. And finally have shown some SPUFI panels and their usage.
This technical paper provides the best practices for implementing the IBM Storwize V7000 Unified system NDMP backup solution using EMC NetWorker. To know more about the IBM Storwize V7000, visit http://ibm.co/TaLb6Q.
[오픈소스컨설팅]Day #1 MySQL 엔진소개, 튜닝, 백업 및 복구, 업그레이드방법Ji-Woong Choi
MySQL 소개
간략한 소개
version history
MySQL 사용처
제품 군 변화
시장 변화
MySQL 구성
MySQL 클라이언트 / 서버 개념
클라이언트 프로그램
MySQL 설치
MySQL 버전
MySQL 설치
MySQL 환경 설정
환경설정, 변수 설정
MySQL 스토리지 엔진 소개
MySQL tuning 소개 및 방법
데이터 백업/복구 방법
백업
복구
MySQL Upgrade
CICS is the power of mainframe. It has all the capabilities to handle online transactions. The ppt covers highly useful CICS concepts to refresh your CICS knowledge quickly.
This is a recording of my Advanced Oracle Troubleshooting seminar preparation session - where I showed how I set up my command line environment and some of the main performance scripts I use!
What to Expect From Oracle database 19cMaria Colgan
The Oracle Database has recently switched to an annual release model. Oracle Database 19c is only the second release in this new model. So what can you expect from the latest version of the Oracle Database? This presentation explains how Oracle Database 19c is really 12.2.0.3 the terminal release of the 12.2 family and the new features you can find in this release.
This ppt helps people who would like to present their industrial training presentation on Oracle 11g DBA.
This one includes all the operations that dba has to be perform and some other internal concepts of Oracle.
Solving the DB2 LUW Administration DilemmaRandy Goering
As a DB2 LUW Database Administrator you are probably reluctant to or prohibited from granting your users* these permissions because doing so gives them permission to other DB2 administrations tasks like stopping the database. If your users are not allowed to do these tasks then who is? Most likely, you, as the DBA will perform these and other administrative functions for your users. Would you like a way to eliminate these tasks from your daily to-do list? This presentation will discuss how to externalize specific administrative tasks with Stored Procedures, Federated procedures, Administrative SQL routines, and views.
Solving the DB2 LUW Administration DilemmaRandy Goering
As a DB2 LUW Database Administrator you are probably reluctant to or prohibited from granting your users* these permissions because doing so gives them permission to other DB2 administrations tasks like stopping the database. If your users are not allowed to do these tasks then who is? Most likely, you, as the DBA will perform these and other administrative functions for your users. Would you like a way to eliminate these tasks from your daily to-do list? This presentation will discuss how to externalize specific administrative tasks with Stored Procedures, Federated procedures, Administrative SQL routines, and views.
[오픈소스컨설팅]Day #1 MySQL 엔진소개, 튜닝, 백업 및 복구, 업그레이드방법Ji-Woong Choi
MySQL 소개
간략한 소개
version history
MySQL 사용처
제품 군 변화
시장 변화
MySQL 구성
MySQL 클라이언트 / 서버 개념
클라이언트 프로그램
MySQL 설치
MySQL 버전
MySQL 설치
MySQL 환경 설정
환경설정, 변수 설정
MySQL 스토리지 엔진 소개
MySQL tuning 소개 및 방법
데이터 백업/복구 방법
백업
복구
MySQL Upgrade
CICS is the power of mainframe. It has all the capabilities to handle online transactions. The ppt covers highly useful CICS concepts to refresh your CICS knowledge quickly.
This is a recording of my Advanced Oracle Troubleshooting seminar preparation session - where I showed how I set up my command line environment and some of the main performance scripts I use!
What to Expect From Oracle database 19cMaria Colgan
The Oracle Database has recently switched to an annual release model. Oracle Database 19c is only the second release in this new model. So what can you expect from the latest version of the Oracle Database? This presentation explains how Oracle Database 19c is really 12.2.0.3 the terminal release of the 12.2 family and the new features you can find in this release.
This ppt helps people who would like to present their industrial training presentation on Oracle 11g DBA.
This one includes all the operations that dba has to be perform and some other internal concepts of Oracle.
Solving the DB2 LUW Administration DilemmaRandy Goering
As a DB2 LUW Database Administrator you are probably reluctant to or prohibited from granting your users* these permissions because doing so gives them permission to other DB2 administrations tasks like stopping the database. If your users are not allowed to do these tasks then who is? Most likely, you, as the DBA will perform these and other administrative functions for your users. Would you like a way to eliminate these tasks from your daily to-do list? This presentation will discuss how to externalize specific administrative tasks with Stored Procedures, Federated procedures, Administrative SQL routines, and views.
Solving the DB2 LUW Administration DilemmaRandy Goering
As a DB2 LUW Database Administrator you are probably reluctant to or prohibited from granting your users* these permissions because doing so gives them permission to other DB2 administrations tasks like stopping the database. If your users are not allowed to do these tasks then who is? Most likely, you, as the DBA will perform these and other administrative functions for your users. Would you like a way to eliminate these tasks from your daily to-do list? This presentation will discuss how to externalize specific administrative tasks with Stored Procedures, Federated procedures, Administrative SQL routines, and views.
A common requirement for database administrators is to be able to track the activity within an instance of SQL. Based on governance, oversight, or policy most organizations require some means of tracking and recording specific events such as:
1. Failed logins
2. DDL events
3. Data access
Ideally the front end application will have a means of capturing these day to day events, but if not SQL provides a number of tools that will audit SQL events and activity. This session will begin outlining the methods, native to SQL, to audit SQL events including:
1. C2 Auditing
2. Common Criteria Compliance
3. SQL Trace
4. DDL Triggers
5. DML Triggers
6. SQL Audit
Each method will be outlined and demonstrated and particular attention will be paid to the resources required for each technique. Much of this session will be spent examining SQL Audit and looking into the internal workings of this technology
SQL Server 2016: Just a Few of Our DBA's Favorite ThingsHostway|HOSTING
Join Rodney Landrum, Senior DBA Consultant for Ntirety, a division of HOSTING, as he demonstrates his favorite new features of the latest Microsoft SQL Server 2016 Service Pack 1.
During the accompanying webinar and slides, Rodney will touch on the following:
• A demo of his favorite new features in SQL Server 2016 and SP1 including:
o Query Store
o Database Cloning
o Dynamic Data Masking
o Create or Alter
• A review of Enterprise features that are now available in standard edition
• New information in Dynamic Management Views and SQL Error Log that will make your DBAs job easier.
Business requirements, Australian legislation and web based applications have changed the security requirements on databases holding private data. Oracle introduced the Virtual Private Database (VPD) to address these needs, implementing database policies to restrict rows and columns retrieved via SQL, and in turn removing the need for public synonyms, roles and user accounts. Chris Muir discusses how to implement VPD features in Oracle 10g to satisfy contemporary database security needs.
Answer questions Who, What , When and Where about any database activity by setting up an Oracle audit. The infrastructure is free and available in every database edition.
Stay on top of any possible performance and storage issues by choosing appropriate audit parameters.
Build summary and detail reports to analyze audit events from multiple databases using APEX or SQL*Plus.
Setup a data retention period and cleanup audit records regularly.
Create honeypot to attract hacker’s attention.
Enable alerts and send email notifications using Oracle Enterprise Manager infrastructure.
Enterprise-class security with PostgreSQL - 1Ashnikbiz
For businesses that handle personal data everyday, the security aspect of their database is of utmost importance.
With an increasing number of hack attacks and frauds, organizations want their open source databases to be fully equipped with the top security features.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
DB2 LUW Auditing
1. DB2 LUW Security
Trading up with the New,
Improved DB2 Auditing Features
Presented by: Rebecca Bond
a.k.a. DB2Locksmith
DB2Locksmith@securedb2.com
Phone: 434-DB2-0070
2.
3. Breach attempts are up, but DBA participation is
NOT trending up as well. Databases are complex
and the skills to effectively manage them take
years to learn. Database security adds complexity
to the equation, but ignoring database security –
the current approach of many organizations --
doesn't seem to be working out too well.
The database does not have to be at risk, even if
other layers of defense are pierced. But, this
protection comes only when the appropriate
database security steps are well understood and
implemented….by the DBAs.
Did you know you are a security guru?
4. Old cars – New cars
Old Audit – New Audit
Being Proactive about Being Reactive
DB2 Auditing...approaches, tips and concerns
5. Think it’s time for a trade-up for your Audit Security?
Do I have a deal for you.
DB2 9.5 introduced some nifty auditing capabilities
.
Let’s discuss Auditing, and these new features and how
they can make auditing setup more flexible so that they
will closely track to your specific needs.
7. •Audit activity is now highly granular and can be limited
to activity for selected users or tables
•The SYSADM can use the db2audit functionality to
archive both instance and database logs and to extract
from archived logs from either.
•Stored procedures are now available to make the
SECADM's work easier and this work can be delegated
•Prune is Gone !
8. •The active audit log is archived before data is extracted
which benefits performance.
•The location for Active and Archived audit data can be
changed … no need to use the old default path
•DPF dbs can use local file systems for the audit logs
•SECADM role is greatly enhanced, but work can be
delegated
9. What Are the Audit-able categories?
•AUDIT – records info regarding changes to audit settings or when the audit
log is accessed
•CHECKING – authorization "checking", attempts to access or change
DB2 objects or functions
•OBJMAINT – creation/drops of data objects
•SECMAINT – Grants/revokes, privileges, DBADM, modifications to
SYSADM_GROUP, SYSCTRL_GROUP, SYSMAINT_GROUP
•SYSADMIN – SYSADM,SYSMAINT,SYSCTRL operations
•VALIDATE – for each connection attempt, generates audit records when
validating users and their associated groups or when retrieving system
security information
•CONTEXT – "context" of the operation. Aids in interpretation of the info in
the audit log file. Likely will capture a HUGE amount of information.
10. EXECUTE – the new and improved "CONTEXT"
Works for both static and dynamic SQL
Optionally include Data (host variables and/or parameters)
Doesn't capture statement preparation
Doesn't include LOBS, LONG, XML & structured types
The Execute audit record is only produced when
execution completes, so failures are not captured via
EXECUTE.
11. It’s Splitsville for Auditing
The split between
Instance/Database layers makes the
auditing process much more
granular AND robust and aids with
the concept of Separation of Duties.
12. 2…2…2 Audits in 1 !
• Where else can you get 2..2..2 DB2 Audits in 1 ?
• Instance AND Database Levels with greatly increased
granularity
• No need to waste time chewing on auditing features
you don't need.
• SYSADM uses DB2AUDIT command at the Instance
Level
• SECADM creates audit policies at the database level
• An Active audit log is archived BEFORE data is
extracted from it which helps performance.
13. The SYSADM vs The SECADM
The SYSADM user can use the db2audit
command to archive instance OR database
level audit data.
SECADM uses the AUDIT_ARCHIVE stored
procedure to archive database level audit
data.
14. Instance Level Auditing
• This is most like the old "pre 9.5" days
• SYSADM uses DB2AUDIT to configure at instance
level
• Db2audit is Explicitly started and stopped
• Uses "Describe" to determine current
configuration
• Records can be "Flushed"
• Archive (and can also archive logs for an
associated database)
• Extract data from an archived audit log
15. The SYSADM’s commands:
db2audit configure – what do you want to audit?
db2audit describe – what ARE you auditing?
db2audit archive -- moves the active log to an archive
db2audit flush – flush the audit buffer explicitly
db2audit extract -- from archived logs
db2audit start/stop
16. Database Level Auditing
Database level auditing is done via policies
that are created by the SECADM.
There is no "start" command.
Auditing begins as soon as the
policy is CREATED AND ASSIGNED.
18. Database Audit Policy Categories. What do they do?
•ALL - Sets all categories to the same status. (However, the
EXECUTE category is WITHOUT DATA.)
•AUDIT - Generates records when audit settings are
changed or when the audit log is accessed.
•CHECKING - Generates records during authorization
checking of attempts to access or manipulate database
objects or functions.
•CONTEXT - Generates records to show the operation
context when a database operation is performed. (A lot of
information, choose wisely)
•EXECUTE - Generates records to show the execution of
SQL (WITHOUT DATA /WITH DATA)
19. •OBJMAINT - Generates records when data objects are
created or dropped.
•SECMAINT - Generates records when object
privileges, database privileges, or DBADM authority is
granted or revoked.
•SYSADMIN - Generates records when operations
requiring SYSADM, SYSMAINT, or SYSCTRL authority
are performed.
•VALIDATE - Generates records when users are
authenticated or when system security information
related to a user is retrieved.
FYI: If ALL is not specified, the STATUS of any category
that is not explicitly specified is set to NONE.
20. Policies are assigned to objects by the
SECADM using the AUDIT statement.
Once assigned, the audit policy is active
(but may need to wait on the next UOW if
an old policy was in place).
22. DATABASE — All auditable events that happen on the DB
are audited according to the audit policy.
TABLE — Can be a table, MQT nickname. CANNOT be a
view (views are audited according to base table policy),
catalog table, declared temp table or a typed table (Only
execute category audit events, with or without data, will be
generated when the table is accessed, even if the policy
indicates that other categories should be audited
Which Policy for Which Purpose?
23. Which Policy for Which Purpose?
TRUSTED CONTEXT -- Specifies that an audit policy is to
be associated with or removed from contextname (which
must exist)
USER -- Specifies that an audit policy is to be associated
with or removed from the user with authorization ID
<authorization-name>.
GROUP -- Specifies that an audit policy is to be associated
with or removed from the group with authorization ID
<authorization-name>. (Note: If user membership in a
group cannot be determined, the policy will not apply to that
user.)
24. ROLE -- Specifies that an audit policy is to be associated
with or removed from the role with authorization ID
<authorization-name> (must pre-exist).
Note: SYSADM, SYSMAINT, SYSCTRL, SYSMON,
SQLADM, WLMADM, DBADM or SECADM — All
auditable events that are initiated by a holder of this
authority are captured, even if that authority is not
required for the specific event
Which Policy for Which Purpose?
25. Putting Auditing on a Diet
Execute, a new database (ONLY) level category, allows audit
of JUST the SQL statement, versus the entire CONTEXT.
Context generates a LOT of audit information.
Since it is database specific
and not instance specific,
it uses audit policies, not the db2audit syntax.
Use the WITH DATA option to capture data values for any
host variables and parameter markers. EXCEPT, Be Aware,
that not all input values are logged.
LOB, LONG, XML, and structured type parameters appear as
a null value.
26. Some Audit Syntax:
$> db2 "create audit policy audexe categories execute with data status both error
type audit"
Status both means that successful and failing attempts will be audited.
Error type audit means that all errors (incl. audit errors) will be returned to the
application. If error type was normal, errors generated by the audit facility are
ignored and only the SQLCODEs for errors associated with the operation being
performed are returned to the application.)
$> db2 audit table locksmith.sensitive using policy audexe
Now the audit policy is assigned to the table named sensitive in the schema
locksmith. This audit policy is now active.
I think I'd like to know what the SYSADMs are up to, so I'll create an audit policy for
the database:
$> db2 "CREATE AUDIT POLICY ADMPOLICY CATEGORIES SYSADMIN STATUS BOTH,
SECMAINT STATUS BOTH ERROR TYPE AUDIT"
$> db2 "AUDIT DATABASE USING POLICY ADMPOLICY“
27. At the database level, the SECADM can delegate
running the audit stored procedures and table
functions to another user by appropriately granting
execute authority on the SYSPROC audit procedures.
These are: AUDIT_ARCHIVE stored procedure and
table function, AUDIT_LIST_LOGS table function and
AUDIT_DELIM_EXTRACT stored procedure.
28. One example (using a Role to do this)..as the database SECADM:
db2 "create role auditwrk"
db2 "grant execute on procedure sysproc.AUDIT_ARCHIVE to
role auditwrk"
db2 "grant execute on function sysproc.AUDIT_ARCHIVE to role
auditwrk"
db2 "grant execute on function sysproc.AUDIT_LIST_LOGS to
role auditwrk"
db2 "grant execute on procedure
sysproc.AUDIT_DELIM_EXTRACT to role auditwrk“
db2 "grant role auditwrk to locksmith"
29. I hold SECADM. I want to get some info.
First, I'll archive the current log.
Then I'll extract the data to delimited files
so I can load it in to tables and query it.
$> db2 "call sysproc.audit_archive ('',-2)"
$ >db2 "call sysproc.audit_delim_extract
(null, '/SecDB/auddel', NULL, '%20100210%', null)"
30. Auditing is a Big GUN for Reactive
Monitoring
But a Big Machine Gun that is Never Fired is Worthless
If you aren't extracting Audited Data and if NO ONE is
Reviewing it Regularly, then your Big Machine Gun is
totally RUSTY and WILL NOT FIRE when Needed.
BE PROACTIVE. Set up Audit, USE AUDIT, ReView Audit !
Keep your Big Machine Gun READY !
31. • The Location for the Active Audit Log is now
configurable
• There are separate logs for instance & DB audit activities
• Audit activity is now highly granular and can be limited
to activity for selected users or tables
• The SYSADM can use the db2audit functionality to
archive both instance and database logs and to extract
from archived logs from either.
• Stored procedures are now available to make the
SECADM's work easier and this work can be delegated
• Prune is Gone !
Port able
32. Making the Audit Wheels Turn
If multiple instances exist on a server, then
EACH INSTANCE should have separate locations
for ARCHIVEPATH, AUDITARCHIVES.
The goal is to get these audit logs on to speedy disk
locations,
especially for the ACTIVE ones.
33. Where are you? Where do you want to be?
EXAMPLE SYNTAX for moving ACTIVE audit log locations
## for Single Partition DB
$> db2audit configure datapath </myspeedydisklocation>
## For DPF databases,
I can choose an NFS Shared, or do something like....
$> db2audit configure datapath <'/Lockit/SpeedyAud $N'>
Make sure to keep the space before the $N
(For moving audit ARCHIVE logs for DPF database, I can NOT
use the data partition expression ($N), my only option is a shared disk).
## Note: '/SecDB/auddel' has to exist.
34. As you can imagine, migrating from an earlier product level
to 9.5 or 9.7 will require some special considerations.
Auditing is one of those special considerations.
If you were using auditing prior to the migration then you will
want to consider how the changes will impact your setup.
Review the documentation for your specific migration
approach.
Have a plan to proceed that includes backing up current
audit settings.
35. When you migrate an instance from an earlier release to DB2 9.5
The audit configuration file is converted to DB2 Version 9.5
format.
When you migrate a database from an earlier release to DB2
9.5 the instance-level configuration settings for auditing are used
to create an audit policy in the database. If the audit facility is
enabled at the instance level, the audit policy is associated with
the migrated database to enable auditing. Otherwise, the audit
policy is not associated.
After the migration, audit settings should be re-visited, both to
determine if it meets requirements and to take advantage of new,
robust options.
36. Audit_Buf_SZ
A consideration: audit_buf_sz: a DBM configuration
parameter.
If set to zero auditing records are written synchronously to
disk which means that the event that caused the audit
record has to wait on the write. Possible to lose one audit
record if this is zero. Downside is potential performance
impact.
Larger audit_buf_sz can mitigate performance impacts,
but places a larger number of audit records at risk of not
making it to disk. The "flush" operation can also be
performed to force the writes at any time.
37. A Personal Journey
Long ago in my youth, I read and heard that setting
audit_buf_sz to zero was reported to cause some
serious performance degradation on audited DB2
systems. I believed the claim. It certainly seemed
plausible.
But, being a security junkie, my job was SECURITY not
PERFORMANCE....boy was that a bad assessment on my
part. If security has to battle performance in an
enterprise, security is going to be at a distinct
disadvantage, right? (Note to self: Buy Boxing Gloves
before the next battle)
38. But then, I actually had a performance tuning exercise
and I was REQUIRED to set the audit_buf_sz to ZERO
so that, at most, only one audit record was ever at risk
of loss. I was auditing for everything except CONTEXT.
Even without auditing CONTEXT events, I was
concerned (actually terrified) that this would cause a
HUGE problem.
Ok, at first, it appeared my fears may have been valid.
The entire system looked over tasked, overworked and
just plain old unhappy (a technical term). But then, some
tuning changes were made, some code re-written, some
OS parms tuned and before I knew it, I had forgotten
all about the audit_buf_sz being zero....oh....and our
performance tuning exercise was so successful that
management was "shocked" at what we had
accomplished.
39. The material in this presentation is an overview.
The time to deep dive into DB2's Robust
Auditing Capability would have exceeded the
length of this session. Please be especially
aware when you upgrade from 8.2 or 9.1 to 9.5
or 9.7. Things have changed and you will need to
adapt. But the upgrade benefits are GREAT.
I strongly encourage you to learn much about
auditing.
O P T I O N S: STATUS? BOTH - Successful and failing events will be audited; FAILURE - Only failing events will be audited. SUCCESS - Only successful events will be audited; NONE - No events in this category will be audited. ERROR TYPE? NORMAL -Any errors generated by the audit are ignored. The SQLCODEs for errors associated with the operation being performed are returned to the application. AUDIT - All errors, including errors occurring within the audit facility itself, are returned to the application.
### SYSCAT.AUDITUSE, SYSCAT.AUDITPOLICIES , can be queried for info on audit policies.
Mitigating Migration
I firmly believe that as security professionals, we have an obligation to share information. I welcome any learning opportunity that fosters a more robust security architecture. Please feel free to send me emails with comments, thoughts, disagreements, articles or lessons learned. The more we know…the better prepared we can be, as a security community, to protect and defend.
My contact information is:
Rebecca Bond, DB2Locksmith@securedb2.com, PH: 434-DB2-0070