Skip to main content
Skip table of contents

DB Alert Policies

Overview

Alert provides anomaly detection to safeguard your data during database access and personal information queries. By predefining trigger conditions for critical anomalies, you can detect policy violations in real-time. This enables you to promptly identify and resolve potential security incidents, such as failed DB access or unauthorized SQL execution. Additionally, it helps protect sensitive information by alerting you to data queries or leaks that exceed predefined thresholds. Any breach triggers timely alerts, allowing you to take immediate action to secure your data. These alerts can be received through predefined channels like Slack, webhooks, and more.

QueryPie offers the following seven notification types:

  • SQL Execution : Sends an alert when SQL syntax corresponding to defined conditions is executed.

  • Prevented SQL Execution : Sends a notification when unauthorized syntax is executed.

  • Data Export : Sends a notification when a data export corresponding to the defined condition is executed.

  • DB Connection Attempt : Sends a notification when a DB connection attempt succeeds or fails.

  • Sensitive Data Access : Sends a notification when sensitive data corresponding to the defined conditions is accessed.

  • New Request : Sends a notification when a new approval request is registered.

  • Unusual Login Attempt : Detects user login behavior according to IP band and sends a notification.

Create an Alert Policy

General Settings > Company Management > Alerts > Create Alert

  1. From the General Settings menu, navigate to Company Management > Alerts menu.

  2. Click on the Create Alert button located in the upper right corner.

  3. Enter the necessary details to create the alert:

    • Name : Provide a descriptive name to identify the alert.

    • Alert Type : Select the type of alert you wish to create.

    • Alert Detail : Specify the conditions for the alert to be triggered. Different trigger conditions can be set for each type of alert.

    • Channel : Choose the channel through which notifications will be sent when the trigger conditions are met.

  4. Save your settings by clicking the Ok button.

You will now see that a new alert has been successfully registered. Whenever the specified trigger conditions are met, notifications will be sent to the designated channel.

View Alert Logs

General Settings > Company Management > Alerts > List Details > Logs

  1. From the General Settings menu, navigate to Company Management > Alerts menu.

  2. Select the specific alert for which you want to view the history of alerts sent.

  3. Within the Details tab, you can review the history of the alerts created.

  4. Switch to the Logs tab to access the complete history of alerts sent.

Alert Policy Examples

To set up alert policies for abnormal occurrences related to operations such as DB access and query execution, follow these steps on the Create Alert screen:

  • Alert for unusual login attempts

    • Alert Type : Unusual Login Attempt

    • Action Count : 3

    • Specific Time Interval (Minutes) : 5

  • Alert for abnormal database access attempts

    • Alert Type : DB Connection Attempt

    • Alert Trigger Condition : Failure

    • Connection Failure Trigger with Interval

      • Action Count : 3

      • Specified Time Interval (Minutes) : 5

  • Alert on bulk data lookups

    • Alert Type : SQL Execution

    • Trigger Condition (Rows) : 100 (adjust as needed)

    • SQL Events : SELECT

  • Alert when a bulk data export is attempted

    • Alert Type : SQL Export

    • Trigger Condition (Rows) : 100 (adjust as needed)

  • Alert when data changes and deletion attempts are made

    • Alert Type : SQL Execution

    • Trigger Condition (Rows) : 1

    • SQL Events : UPDATE, DELETE

  • Alert when unauthorized SQL statements are executed

    • Alert Type : Prevented SQL Execution

  • Alert when personal information data set to Sensitivity Level High is viewed

    • Alert Type : Sensitive Data Access

    • Alert Trigger Condition : Sensitive Level = High

    • (Note: Predefine tables and columns containing personal information in the Sensitive Data policy.)

  • Alert when personal information data contained in a specific database is viewed

    • Alert Type : Sensitive Data Access

    • Alert Trigger Condition : Policy = {Predefined Sensitive Data Policy}

    • (Note: Predefine tables and columns containing personal information in the Sensitive Data policy.)

Related Topics

 

Back to DB Access Policies

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close