Riskfort does not Report on the Risk Evaluation Results if number of rules greater than 177

book

Article ID: 132127

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction

Some customers have grown the number of RiskFort rules to well over 177 rules that are currently reported on via Riskfort's "Analyze Transaction Report". The results of the Risk Evaluation operation against configured rules are maintained in the RESULT_DETAIL column of ARRFSYSAUDITLOG database table. The table RESULT_DETAIL column can currently only allow 4000 characters worth of data. This leads to a maximum of 177 rules for which data can be maintained and results generated.  Results of all other rules greater that 177 are not reported. 
 

Cause

The underlying reason is that the Oracle Database / MS SQL at a default allows a maximum of 4000 characters for any column. As each RiskFort rule takes about 23 characters, the reporting for (4000 divided by 23 = 177 rules)  is supported. 

Environment

CA Risk Authentication servers running with Oracle DB. 

Resolution

This enhancement facilitates reporting the results of 1416 rules as opposed to 177 rules. The  CA Risk Authentication extends the RESULT_DETAIL column of ARSYSAUDITLOG table to support 32,000 characters as opposed to current 4000 characters.  Currently this fix has been only provided for 8.2.x Risk Authentication running Oracle database. 

At 8.2.x this is facilitated via an enhancement patch - 01350047_DE415415_RESULT_DETAIL_CLOB_Oracle.zip. This can be requested via CA support ticket provided the customer has required entitlements. 

Additional Information

None.