IBM Support

Guardium reports have blank Database User for Oracle OS User authentication sessions

Troubleshooting


Problem

My Guardium reports have blank database user for certain sessions. The sessions are local Oracle sessions where OS User authentication was used to login.

Cause

Oracle OS User authentication is a method to login to the Oracle database where no database user is specified. More details can be found in the Oracle documentation: Using the Operating System to Authenticate Users (External non IBM link)

This mechanism never supplies a database user during the session login and therefore Guardium can not record the database user.

Diagnosing The Problem

In Guardium reports, sessions using OS User authentication will have:

  • Local connection (same client and server ip)
  • Blank DB User, not ? DB User
  • OS User and Source Program populated
  • Most commonly SQLPLUS is the source program, but this is not a requirement

If the DB User is blank and OS User or Source Program is missing, most likely there is a performance problem resulting in dropped packets and missing data. This should be investigated as a separate issue see - Identifying and resolving common sniffer problems.

Resolving The Problem

Blank DB User is expected for sessions using Oracle OS User authentication. This is the expected behavior in all versions of Guardium as of the 'modified date' of this technote.

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Database Activity Monitor","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"10.0;10.0.1;10.1;10.1.2;10.1.3;9.0;9.1;9.5","Edition":"All Editions","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg22008755

Page Feedback