Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring a Log Source

 

To collect events, you must configure a log source in JSA to poll your Access: One installation database with the JDBC protocol.

  1. Click the Admin tab.
  2. On the navigation menu, click Data Sources.
  3. Click the Log Sources icon.
  4. Click Add.
  5. In the Log Source Name field, type a name for your log source.
  6. In the Log Source Description field, type a description for the log source.
  7. From the Log Source Type list, select Pirean Access: One.
  8. Using the Protocol Configuration list, select JDBC.
  9. Configure the following values:

    Table 1: Pirean Access: One Log Source Parameters

    Parameter

    Description

    Log Source Identifier

    Type the identifier for the log source. The log source identifier must be defined in the following format:

    <database>@<hostname>

    Where:

    <database> is the database name, as defined in the Database Name parameter. The database name is a required parameter.

    <hostname> is the host name or IP address for the log source as defined in the IP or Hostname parameter. The host name is a required parameter.

    The log source identifier must be unique for the log source type.

    Database Type

    From the list, select DB2 as the type of database to use for the event source.

    Database Name

    Type the name of the database to which you want to connect. The default database name is LOGINAUD.

    IP or Hostname

    Type the IP address or host name of the database server.

    Port

    Type the TCP port number that is used by the audit database DB2 instance.

    Your DB2 administrator can provide you with the TCP port that is needed for this field.

    Username

    Type a user name that has access to the DB2 database server and audit table.

    The user name can be up to 255 alphanumeric characters in length. The user name can also include underscores (_).

    Password

    Type the database password.

    The password can be up to 255 characters in length.

    Confirm Password

    Confirm the password to access the database.

    Table Name

    Type AUDITDATA as the name of the table or view that includes the event records.

    The table name can be up to 255 alphanumeric characters in length. The table name can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period(.).

    Select List

    Type * to include all fields from the table or view.

    You can use a comma-separated list to define specific fields from tables or views, if it is needed for your configuration. The list must contain the field that is defined in the Compare Field parameter. The comma-separated list can be up to 255 alphanumeric characters in length. The list can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period(.).

    Compare Field

    Type TIMESTAMP to identify new events added between queries to the table.

    The compare field can be up to 255 alphanumeric characters in length. The list can include the special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period(.).

    Use Prepared Statements

    Select this check box to use prepared statements, which allows the JDBC protocol source to set up the SQL statement one time, then run the SQL statement many times with different parameters. For security and performance reasons, it is suggested that you use prepared statements.

    Clear this check box to use an alternative method of querying that does not use pre-compiled statements.

    Start Date and Time

    Optional. Configure the start date and time for database polling.

    The Start Date and Time parameter must be formatted as yyyy-MM-dd HH: mm with HH specified by using a 24-hour clock. If the start date or time is clear, polling begins immediately and repeats at the specified polling interval.

    Polling Interval

    Type the polling interval, which is the amount of time between queries to the event table. The default polling interval is 10 seconds.

    You can define a longer polling interval by appending H for hours or M for minutes to the numeric value. The maximum polling interval is 1 week in any time format. Numeric values without an H or M designator poll in seconds.

    EPS Throttle

    Type the number of Events Per Second (EPS) that you do not want this protocol to exceed. The default value is 20000 EPS.

    Enabled

    Select this check box to enable the Pirean Access: One log source.

  10. Click Save.
  11. On the Admin tab, click Deploy Changes.

    The configuration is complete. Access Management and authentication events for Pirean Access: One are displayed on the Log Activity tab of JSA.