Author: mbluteau
Sentinel 7 Collector for AGS 6


Here is a quick step-by-step guide to pointing the Sentinel MySQL collector at AGS 6 to collect audit events. I am running the AGS server on Windows with MySQL, but the procedure can easily be adapted to Linux, Oracle or MS-SQL.

Figure 1: Using a graphical tool to access the MySQL database. The mysql.exe command can also be used.

e.g.: mysql -u root -p (the client then prompts for the password)

Figure 2: The spt_audit_event table, which contains user (administrators, reviewers, etc.) events.

Figure 3: We create a view that Sentinel will use to collect events. Alternatively, we could have modified the query in the Sentinel collector.

Here is the create view statement:

-------------------------
-- created is a bigint: split off its last three digits and convert the rest to a datetime
create view identityiq.general_log as
select CONCAT(FROM_UNIXTIME(LEFT(created, LENGTH(created) - 3)), '.', RIGHT(created, 3)) as event_time,
       action, source as user_host, id as thread_id, 'localhost' as server_id,
       action as command_type, target as argument
from identityiq.spt_audit_event;
--------------------------

Note that we have to convert the bigint format for the created column to a format that Sentinel can read.

Figure 4: The general_log view.

Figure 5: Sentinel 7 collector for AGS, MySQL.

You may have to grant additional rights to the identityiq user for remote access to MySQL objects, for example:

------------------
GRANT SELECT ON identityiq.general_log TO 'identityiq'@'%';
------------------
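
A tighter variant of the grant above, added here as an example and not part of the original article: the '%' host in that grant matches any client host, so this version uses a dedicated read-only account limited to the collector host and to the view. The account name sentinel_ro, the host sentinel.example.com and the password are placeholders, and the 13-digit number is a constructed sample value.

```sql
-- Added example; account name, host and password are placeholders (assumptions).
-- Dedicated account that may only connect from the Sentinel collector host,
-- instead of reusing 'identityiq'@'%' (any host).
CREATE USER 'sentinel_ro'@'sentinel.example.com'
  IDENTIFIED BY '<strong-password-here>';

-- SELECT on the view only. A MySQL view runs with its definer's rights by
-- default (SQL SECURITY DEFINER), so the collector account needs no privilege
-- on identityiq.spt_audit_event itself.
GRANT SELECT ON identityiq.general_log
  TO 'sentinel_ro'@'sentinel.example.com';

-- Confirm exactly what the account has been given.
SHOW GRANTS FOR 'sentinel_ro'@'sentinel.example.com';

-- Spot-check the timestamp conversion the view performs, using a constructed
-- 13-digit value in place of a real `created` entry.
SELECT CONCAT(FROM_UNIXTIME(LEFT(1331544720123, LENGTH(1331544720123) - 3)),
              '.', RIGHT(1331544720123, 3)) AS event_time;

-- Newest rows as the collector will see them.
SELECT event_time, user_host, command_type, argument
FROM identityiq.general_log
ORDER BY event_time DESC
LIMIT 5;
```

The Sentinel collector would then be configured with this account instead of identityiq; FROM_UNIXTIME renders the time in the session time zone, so compare the spot-check against the server's zone.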


Figure 6: AGS 6 events including login, forward, etc.

I hope this quick article proved to be helpful to you.


Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).

It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.




User Comments


Configuration question

Submitted by tsherwin on 12 March 2012 - 9:32am.

Interesting, thank you. Is this leveraging the to-be-released AGS 6 (based on Sailpoint) or some other configuration?

© 2013 Novell