How can specific tables be setup for scanning via the SQL crawler?
The setting that specifically holds the table query is driver_table_query.<vendor-name>. This setting would need to be modified so that the response reflects the tables to be scanned. Setup instructions are outlined in the Symantec DLP Admin Guide beginning on page 108, with custom configuration options beginning on page 110.
Here's an excerpt from the Admin Guide:
Specifies the query to execute to return a list of tables to scan. Typically, the query should return all user tables in the database. Note that the database account issuing this query needs appropriate rights granted to it by the database administrator.
driver_table_query.sqlserver = SELECT table_schema + '.' + table_name FROM information_schema.tables
In addition to the setting, you can also set include and exclude filters via the UI. This is set under the SQL Scan Target -> Scanned Content. Please note that these include and exclude filters operate on top of the previously mentioned driver_table_query setting, so they have to be a subset.
INCLUDE FILTERS Use the Include Filters field to specify SQL databases and tables that Symantec DLP should process.
If you leave the Include Filters field empty, Symantec DLP performs matching on all tables in the database servers. If you enter any values in the field, Symantec DLP scans only those tables that match your filter.
The syntax for the filters is:
* (asterisk) represents any number of characters ? (question mark) represents one character , (comma) and newline represent a logical OR | (vertical bar) separates the database vendor pattern from the table pattern. Database vendor names are oracle, sqlserver, or db2. Because table names are case-insensitive for many databases, the table name in the pattern is converted to upper case before matching. The following example would match the employee table in all databases. *|employee The following example would match all tables in all Oracle databases. oracle:*|*
All white space at the beginning and end of the pattern is ignored. The matching process does not support escape characters, so there is no way to match on a question mark, a comma, or an asterisk explicitly.
EXCLUDE FILTERS Use the Exclude Filters field to specify SQL databases and tables that Symantec DLP should skip.
If you leave the Exclude Filters field empty, Symantec DLP performs matching on all databases and tables in the Database Servers list, or in the Include Filters. If you enter any values in the field, Symantec DLP scans only those databases or tables that do not match your filter.
The syntax for the Exclude filters is the same as that for the Include filters.
Imported Document ID: TECH219805
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe