DataSunrise Database Activity Monitoring for IBM DB2

IBM DB2 monitoring tool by DataSunrise provides the full analysis of all user activity and changes to IBM DB2 database and queries directed to it. Any protection policy violation can be immediately detected and stopped. This includes, but not limited to, monitoring of SQL-requests and unauthorized access to sensitive information.

Tech Info

IBM DB2 monitoring tool by DataSunriseis a powerful database activity monitoring (DAM) solution for IBM DB2 monitoring.

Here are some typical use cases for DAM technology:

  • Monitoring privileged users behavior. Yes, database administrators also pose a potential threat to your data security. They can hide their malicious activity within the database but can do nothing with DAM solution.
  • Detecting suspicious user activity, whether it's just a nosy employee or an experienced hacker looking for vulnerabilities in your system. Knowing about suspicious activity you can prevent data breach in advance.
  • Detecting dormant user accounts and other vulnerabilities that can be exploited by hackers.
  • Revealing and investigating data leak. Sometimes you don’t even suspect that your data is stolen. DAM helps you to reveal already-occurred data breach and conduct proper investigation.
  • Many government and industry standards such as SOX, PCI DSS and HIPAA require their subjects to employ data auditing and database activity monitoring.
  • Collecting statistics.

  • As you can see, DAM is not only about statistics, but also actively helps to keep the database secure.

    Database Activity Monitoring for IBM DB2

    DataSunrise enables real-time tracking of database user activity and changes made to database tables. In simple words, you can easily find out who, when and why accessed your database.

    audit event details

    Data Sunrise retrieves and logs the following data:

    • SQL query code
    • Session duration
    • Number of rows affected by query, and query results
    • Database errors
    • Database user information (user name, host name)
    • Information on client application used to query database (application name, host name).

    siem_audit

    Audit results are saved into DataSunrise-integrated SQLite database or to external database. The most important point that collected data can be exported to third-party solution such as SIEM. When paired with SIEM system DataSunrise enables you to learn a full picture of database user activity.

    Additionally, DataSunrise features self-learning functionality, Learning mode. DataSunrise logs typical database events and creates a white list of queries considered as «safe» in given database environment.

Related Articles