Types of DAM policies

There are two types of DAM policies:

Alert — Policies that generate an alert when database activity violates a policy rule.
Audit — Policies that generate an audit record when FortiDB detects the database activity specified in the policy rules. FortiDB uses these policies only when it monitors target databases with the TCP/IP sniffer.

The following sub-types are available for both alert and audit policies:

Metadata Policies — Pre-defined policies that generate alerts or audit logs when FortiDB detects metadata activity.
Privilege Policies — Pre-defined policies that generate alerts or audit logs when FortiDB detects privilege activity.
Sys Operations Policy — Pre-defined policy that generate alerts or audit logs when FortiDB detects SYS user operations.
Data Policy — Policies that you create to generate alert or audit logs when FortiDB detects data manipulation activity.

The following table describes the differences between the two types of DAM policy.

	Alert Policy	Audit Policy
Used For	Generates an alert if an activity violates a policy rule	Logs the specified activity
Available With	All DAM collection methods	TCP/IP sniffer collection method only
Types of Data Policies	Table Table and Column Session User Database Query Policy	Database Table Table and Column Session User
Data Policy Configuration Options	"Read and Write" audit actions for Table, Table and Column "Alert Rule" for violations “SQL query” for "Database Query Policy"	"Select/Insert/Update/Delete/Truncate" audit actions for Table "Select/Insert/Update/Delete" audit actions for Database, Table and Column No "Alert Rule" settings
PCI, SOX, and HIPAA Policies	Yes	No
Severity Attribute	Yes	No