Adds an inspection engine configuration to the end of the inspection engine list. The parameters are described below. You can re-order your list of inspection engines after adding a new one by using the reorder inspection-engines command. Adding an inspection engine does not start it running; to start it running, use the start inspection-engines command.
add inspection-engines <name> <protocol>
<fromIP/mask> <port> <toIP/mask>
<exclude client list> <active on startup>
name - The new inspection engine name; must be unique on the unit.
protocol - The protocol monitored, which must be one of the following: DB2, Sybase, MSSQL, MSSQL-NP, Informix, CIFS, FTP or Oracle.
fromIP/mask - A list of clients, identified by IP addresses and subnet masks. Separate each IP address from its mask with a slash, and multiple entries by commas. An address and mask of all zeroes is a wild card. If the exclude client list option (see below) is Y, the inspection engine monitors traffic from all clients except for those in this list. If the exclude client list option is N, the inspection engine monitors traffic from only the clients in this list.
port - The port or range of ports over which traffic between the specified clients and database servers will be monitored. To specify a range, separate the two numbers with a hyphen.
toIP/mask - The list of database servers, identified by IP addresses and subnet masks, whose traffic will be monitored. Separate each IP address from its mask with a slash, and multiple entries by commas. An address and mask of all zeroes is a wildcard.
exclude client list - A Y/N value; defaults to N. If Y, the inspection engine monitors traffic from all clients except for those identified in the client list (see above). If N, the inspection engine monitors traffic from only the clients listed in the client list.
active on startup - A Y/N value; defaults to N. If Y, the inspection engine is activated on system startup.
Displays a list of all inspection engines on the appliance. Each inspection engine is identified by an index number. Use the index number displayed in this list to identify an inspection engine in the start, stop, or reorder inspection-engines commands (but not in the remove inspection-engine command).
list inspection-engines
Removes the single inspection engine identified by it’s name. The name can include only letters, numbers and blanks. If the inspection engine name contains any special characters, use the administrator portal GUI to remove it.
remove inspection-engines <name>
Specifies a new order for the inspection engines, using index values from the list produced by the list inspection-engines command.
reorder inspection-engines <index>, <index>...
If the displayed indices are 1, 2, 3, and 4, the following command will reverse order of the engines:
reorder inspection-engines 4,3,2,1
Restarts the inspection-engine core, but not the inspection engines. The collection of database traffic stops when this command is issued.
restart inspection-core
To restart the collection of traffic for one or more specific inspection engines, follow this command with one or more start inspection engine commands. Alternatively, to restart the collection of traffic for all inspection engines, use the restart inspection-engines command.
Restarts the database inspection engine core and all inspection engines. The collection of database traffic stops temporarily while this occurs and restarts only when database connections re-initiate.
restart inspection-engines
Displays the list of ports ignored by all inspection engines.
show ignored port list
Displays inspection engine configuration information, as follows:
all - All inspection engines.
configuration <index> - Only the inspection engine identified by the specified index, which is from the list inspection-engines command.
type <db_type> -Displays configurations of a specific database type, which must be one of the supported monitored protocol types: db2, cifs, ftp, informix, mssql, mssql-np, mysql, oracle, sybase, teradata.
show inspection-engines <all | configuration <index> | log sqlstrings | type <type> >
Starts the inspection-engine core.
start inspection-core
Starts one or more inspection engines identified using index values from the list produced by the list inspection-engines command.
start inspection-engine <index>, <index>...
Stops the inspection-engine core.
stop inspection-core
Stops one or more inspection engines identified using index values from the list produced by the list inspection-engines command.
stop inspection-engines <index>, <index>...
Sets the complete set of port numbers to be ignored by all inspection engines. The list you specify completely replaces the existing list. Each number is separated from the next by a comma, and no blanks or other white-space characters are allowed in the list. Use a hyphen to specify an inclusive range of numbers.
store ignored port list <n>
store ignored port list 33,60-70
show ignored port list
When on, all Inspection Engines log complete SQL strings while logging data.
store inspection-engine log sqlstrings <on | off>
show inspection-engine log sqlstrings
When on, logs the entire SQL command when logging exceptions.
store log exception sql <on | off>
show log exception sql
When set to on, logs the entire SQL command for each access request.
store log request sql string <on | off>
show log request sql string
Sets the logging granularity to the specified number of minutes. You must use one of the minute values shown in the syntax, below. The default is 60.
store logging granularity <1, 2, 5, 10, 15, 30 or 60>
show logging granularity