Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

IBM Security Identity Governance


The JSA DSM for IBM Security Identity Governance collects audit events from IBM Security Governance servers.

The following table identifies the specifications for the IBM Security Identity Governance DSM:

Table 1: IBM Security Identity Governance (ISIG) DSM Specifications





DSM name

IBM Security Identity Governance

RPM file name



Supported versions

IBM Security Identity Governance V5.1.1



Event format


Recorded event types


Automatically discovered?


Includes identity?


Includes custom properties?


More information

To integrate IBM Security Identity Governance with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs on your JSA console. If multiple DSM RPMs are required, the integration sequence must reflect the DSM RPM dependency.

    • IBM Security Identity Governance (ISIG) DSM RPM

    • JDBC Protocol RPM

  2. Configure a JDBC log source to poll for events from your IBM Security Identity Governance database.

  3. Ensure that no firewall rules block communication between JSA and the database that is associated with IBM Security Identity Governance.

  4. If JSA does not automatically detect the log source, add an IBM Security Identity Governance log source on the JSA Console. The following table describes the parameters that require specific values for IBM Security Identity Governance event collection:

    Table 2: IBM Security Identity Governance DSM Log Source Parameters



    Log Source Name

    Type a unique name for the log source.

    Log Source Description

    Type a description for the log source.

    Log Source type

    IBM Security Identity Governance

    Protocol Configuration


    Log Source Identifier

    Type a name for the log source. The name can't contain spaces and must be unique among all log sources of the log source type that is configured to use the JDBC protocol.

    If the log source collects events from a single appliance that has a static IP address or host name, use the IP address or host name of the appliance as all or part of the Log Source Identifier value; for example, or JDBC192.168.1.1. If the log source doesn't collect events from a single appliance that has a static IP address or host name, you can use any unique name for the Log Source Identifier value; for example, JDBC1, JDBC2.

    Database Type

    Select Oracle or DB2 for the database that you want to use as the event source.

    Database Name

    The name of the database to which you want to connect.

    IP or Hostname

    The IP address or host name of the IBM Security Governance database server.


    Enter the JDBC port. The JDBC port must match the listener port that is configured on the remote database. The database must permit incoming TCP connections. The valid range is 1 - 65535.

    The defaults are:

    • MSDE - 1433

    • Postgres - 5432

    • MySQL - 3306

    • Sybase - 1521

    • Oracle - 1521

    • Informix - 9088

    • DB2 - 50000

    If a database instance is used with the MSDE database type, you must leave the Port field blank.


    A user account for JSA in the database.


    The password that is required to connect to the database.

    Predefined Query

    Select a predefined database query for the log source. If a predefined query is not available for the log source type, administrators can select the none option.

    Table Name


    Select List


    Compare Field


    Use Prepared Statements

    Enable the check box.

    Start Date and Time

    The initial date and time for database polling.

    Polling interval

    The amount of time, in seconds, between queries to the database table. The default polling interval is 10 seconds.

    EPS Throttle

    The number of events per second (EPS) that you do not want this protocol to exceed. The default value is 20000 EPS.

    Security Mechanism

    From the list, select the security mechanism that is supported by your DB2 server. If you don't want to select a security mechanism, select None.

    The default is None.

    Use Oracle Encryption

    Oracle Encryption and Data Integrity settings is also known as Oracle Advanced Security.

    If selected, Oracle JDBC connections require the server to support similar Oracle Data Encryption settings as the client.

Configuring JSA to Communicate with Your IBM Security Identity Governance Database

To forward audit logs from your IBM Security Identity Governance database to JSA, you must add a log source. Log sources are not automatically detected.

  1. Log in to JSA.
  2. Click the Admin tab.
  3. In the navigation menu, click Data Sources.
  4. Click the Log Sources icon.
  5. Click Add.
  6. From the Log Source Type list, select IBM Security Identity Governance.
  7. From the Protocol Configuration list, select JDBC.
  8. Configure the parameters.
  9. Click Save.