Note: In a Central Management environment, all groups are defined on the Central Manager and sent to the managed units on a scheduled basis. All changes
Create a group definition.
|
Parameter |
Description |
|
desc |
Required. Enter a unique description for the new group. |
|
type |
Required. Must be one of the following: Application Event Value Number Application Event Value String Application Event Value Type Application Item Name Application Module Application System ID Application Transaction Code APPLICATION USER Audit Task Type Client Hostname Client IP Client IP/DB User Client MAC Address Client OS COMMANDS Database Name Database Version+Patches DB Error Codes DB PROTOCOL DB PROTOCOL VERSION DB Role EXCEPTION TYPE FIELDS Files Permissions Global ID Guardium Audit Categories Guardium Users Login Succeded Code NET PROTOCOL Object Command Object Field OBJECTS Operation Type OS User PORT Records Affected SCHEMA SENTENCE DEPTH Server Description Server Hostname Server IP Server OS SERVER TYPE Service Name SOURCE PROGRAM TTL USERS WEEKDAY YEAR |
|
appID |
Required. Identifies the application for the group. It must be one of the following values: Public Baseline Access_policy Classifier Db2_zos
|
|
subtype |
Optional. A sub type is used to collect multiple groups of the same group type, where the membership of each group is exclusive. For example, assume that you have database servers located in three datacenters, and that you want to group the servers by location. You would define a separate group of database servers for each location, and define all three groups with the same sub type (datacenter, for example). |
|
category |
Optional. A category is an optional label that is used to group policy violations and groups for reporting. |
|
classification |
Optional. A classification is another optional label that is used to group policy violations and groups for reporting. |
grdapi create_group desc=agroup type=objects appid=Public
|
ERR |
Description |
|
150 |
Invalid Group Type. |
|
151 |
Error creating Group, possible cause can be that a Group with the specified name already exists. |
|
152 |
Invalid application Id - should be one of : Public, Baseline, Access_policy, Classifier, Db2_zos. |
|
153 |
Error creating Group - a group with the specified description already exists. |
Display the properties of a specific group.
|
Parameter |
Description |
|
id |
Required (integer). Identifies the group. |
grdapi list_group_by_id id=100003
|
ERR |
Description |
|
140 |
Could not retrieve Group - check Id. |
|
141 |
Invalid Group Type - data might be corrupted. |
Display the properties of a specific group.
|
Parameter |
Description |
|
desc |
Required. The name of the group to be displayed. |
grdapi list_group_by_desc desc=agroup
|
ERR |
Description |
|
141 |
Invalid Group Type - data might be corrupted. |
|
142 |
Could not retrieve Group - check desc. |
Remove the specified group.
|
Parameter |
Description |
|
id |
Required (integer). Identifies the group. |
grdapi list_group_by_id id=100005
|
ERR |
Description |
|
160 |
Could not delete Group. |
Remove the specified group.
|
Parameter |
Description |
|
desc |
Required. The name of the group to be removed. |
grdapi remove_group_by_desc desc=agroup
|
ERR |
Description |
|
160 |
Could not delete Group. |
Update properties of the specified group.
|
Parameter |
Description |
|
id |
Required (integer). Identifies the group to be updated. |
|
newDesc |
Optional. Enter a unique description for the new group. |
|
subtype |
Optional. A sub type is used to collect multiple groups of the same group type, where the membership of each group is exclusive. For example, assume that you have database servers located in three datacenters, and that you want to group the servers by location. You would define a separate group of database servers for each location, and define all three groups with the same sub type (datacenter, for example). |
|
category |
Optional. A category is an optional label that is used to group policy violations and groups for reporting. |
|
classification |
Optional. A classification is another optional label that is used to group policy violations and groups for reporting. |
grdapi update_group_by_id id=100002 newDesc=beegroup subtype=bee category=be classification=bea
|
ERR |
Description |
|
170 |
Could not save Group |
|
171 |
Could not update Group - Invalid id. |
|
172 |
Could not update Group - a group with the specified description already exists. |
Update properties of the specified group.
|
Parameter |
Description |
|
desc |
Required. The name of the group to be updated. |
|
newDesc |
Optional. Enter a unique description for the new group. |
|
subtype |
Optional. A sub type is used to collect multiple groups of the same group type, where the membership of each group is exclusive. For example, assume that you have database servers located in three datacenters, and that you want to group the servers by location. You would define a separate group of database servers for each location, and define all three groups with the same sub type (datacenter, for example). |
|
category |
Optional. A category is an optional label that is used to group policy violations and groups for reporting. |
|
classification |
Optional. A classification is another optional label that is used to group policy violations and groups for reporting. |
grdapi update_group_by_name desc=beegroup newDesc=beegroupee category=bebebe classification=bebebebe
|
ERR |
Description |
|
142 |
Could not retrieve Group - check desc. |
|
170 |
Could not save Group |
|
172 |
Could not update Group - a group with the specified description already exists. |
Add a member to a group specified by the group ID.
|
Parameter |
Description |
|
id |
Required (integer). Identifies the group to which the member is to be added. |
|
member |
Required. The new member name, which must be unique within the group. |
grdapi add_member_to_group_by_id id=100005 member=turkey
|
ERR |
Description |
|
140 |
Could not retrieve Group - check Id. |
|
143 |
Could not add member - member might already exist. |
Add a member to the named group.
|
Parameter |
Description |
|
desc |
Required. The name of the group to which the member is to be added. |
|
member |
Required. The new member name, which must be unique within the group. |
grdapi add_member_to_group_by_desc desc=bgroup member=turkey
|
ERR |
Description |
|
142 |
Could not retrieve Group - check desc. |
|
143 |
Could not add member - member might already exist. |
List the members of the specified group.
|
Parameter |
Description |
|
id |
Required (integer). Identifies the group whose members are to be listed. |
grdapi list_group_members_by_id id=100001
|
ERR |
Description |
|
140 |
Could not retrieve Group - check Id. |
List the members of the specified group.
|
Parameter |
Description |
|
desc |
Required. The name of the group whose members are to be listed. |
grdapi list_group_members_by_desc desc=bgroup
|
ERR |
Description |
|
142 |
Could not retrieve Group - check desc. |
Remove a member from a group specified by the group ID.
|
Parameter |
Description |
|
id |
Required (integer). Identifies the group from which the member is to be removed. |
|
member |
Required. The name of the member to be removed. |
grdapi remove_member_to_group_by_id id=100005 member=turkey
|
ERR |
Description |
|
140 |
Could not retrieve Group - check Id. |
|
161 |
Invalid Group or Group Member |
|
162 |
Could not remove Group Member. |
Remove a member from the named group.
|
Parameter |
Description |
|
desc |
Required. The name of the group from which the member is to be removed. |
|
member |
Required. The name of the member to be removed. |
grdapi remove_member_from_group_by_desc desc=bgroup member=boston
|
ERR |
Description |
|
161 |
Invalid Group or Group Member |
|
162 |
Could not remove Group Member. |