APPENDIX 1: System Config Manager Parameters

parameter name description sample parameter value restart required sql proxy bind port this parameter defines the port range for auto assigning sql proxy bind port parameter 1025 2000 no sql proxy node auto register enabled enables automatic registration of oracle rac nodes in sql proxy true no dam ddm mfa enabled enables multi factor authentication for sql proxy connections true no dam ddm mfa delimiter defines the delimiter separating the mfa code from the username # no sql proxy metadata sync period sets the interval (in ms) for synchronizing database metadata 30000 yes dam ddm server clone enforce user role forces read only access for users connecting via the cloned port readonly no dam ddm server enforce user groups defines user groups required to connect via the main sql proxy port ug1, ug2 no dam ddm server clone bind port specifies the port for read only sql proxy access 1000 4000 no dam ddm server clone enforce user groups defines user groups required to connect via the read only port ug3,ug4 no sql proxy user swap enabled enables user identity swapping for sso in sql proxy connections true yes aioc second password ttl defines ttl for the second password in sso (in days) 30 yes sdd thread count default sets the default number of parallel connections for sensitive data discovery 10 no dam ddm buffer overflow\ attack protection turns on the proxy’s buffer overflow guard when enabled, every incoming sql packet is measured and—if it exceeds the size limit below—immediately dropped and logged true yes dam ddm buffer overflow\ limit maximum statement size (bytes) queries larger than this are blocked choose a value that covers normal traffic (e g , 1048576 = 1 mib) 1048576 (1 mib) yes dam ddm dos attack protection activates dos / query flood detection and throttling uses the two rate limit thresholds that follow true yes dam ddm query rate limit from single ip per client threshold—max queries per second allowed from one source ip before it is temporarily black listed 100 yes dam ddm query rate limit from all network global threshold—aggregate queries per second across the proxy exceeding it rejects new sessions until the rate falls 5000 yes sql proxy oracle local bind port tenant aioc this parameter defines port number of oracle devices all oracle database connections are made through this port for multitenant environments, the tenant’s name should be entered instead of the aioc 5000 no device database source this parameter defines the external device database ip addresses multiple values must be separated by “;” the parameter is used to add/discover devices from external device databases e g 10 10 10 10;20 20 20 20 no device database url n jdbc url address for database connection the parameter is used to add/discover devices from external device databases e g device database url 0 = jdbc\ postgresql //10 10 10 10 5432/databasename yes device database user n external database username the parameter is used to add/discover devices from external device databases e g db 1 yes device database password n external database password the parameter is used to add/discover devices from external device databases must be set as "yes" yes device database sql n sql query to import devices ip address, hostname, element type specifier, and one of the tag values are mandatory the parameter is used to add/discover devices from external device databases e g device database sql 0 = select "dynname" as ip address, server as hostname, os as element type specifier , id as port, os as tag os, site as tag site from devicedatabase yes device database driver n database driver for external database connection the parameter is used to add/discover devices from external device databases e g device database driver 0 = org postgresql driverdev yes