Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring a Log Source in JSA to Collect Events from Pirean Access: One

 

To collect events, you must configure a log source in JSA to poll your Access: One installation database with the JDBC protocol.

  1. Click the Admin tab.
  2. Click the Log Sources icon.
  3. Click Add.
  4. Configure the parameter values. The following table describes the parameters that require specific values to collect events from PireanAccess: One:

    Table 1: Pirean Access: One JDBC Log Source Parameters

    Parameter

    Description

    Log Source Name

    Type a unique name for the log source.

    Log Source Description(Optional)

    Type a description for the log sour

    Log Source Type

    Pirean Access: One

    Protocol Configuration

    JDBC

    Log Source Identifier

    Type a name for the log source. The name can't contain spaces and must be unique among all log sources of the log source type that is configured to use the JDBC protocol.

    If the log source collects events from a single appliance that has a static IP address or host name, use the IP address or host name of the appliance as all or part of the Log Source Identifier value; for example, 192.168.1.1 or JDBC192.168.1.1. If the log source doesn't collect events from a single appliance that has a static IP address or host name, you can use any unique name for the Log Source Identifier value; for example, JDBC1, JDBC2.

    Database Type

    DB2

    Database Name

    Type the name of the database to which you want to connect. The default database name is LOGINAUD.

    IP or Hostname

    Type the IP address or host name of the database server.

    Port

    Enter the JDBC port. The JDBC port must match the listener port that is configured on the remote database. The database must permit incoming TCP connections. The valid range is 1 - 65535.

    The defaults are:

    • MSDE - 1433

    • Postgres - 5432

    • MySQL - 3306

    • Sybase - 1521

    • Oracle - 1521

    • Informix - 9088

    • DB2 - 50000

    If a database instance is used with the MSDE database type, you must leave the Port field blank.

    Username

    A user account for JSA in the database.

    Password

    The password that is required to connect to the database.

    Confirm Password

    The password that is required to connect to the database.

    Table Name

    Type AUDITDATA as the name of the table or view that includes the event records.

    The table name can be up to 255 alphanumeric characters in length. The table name can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period(.).

    Select List

    Type * to include all fields from the table or view.

    You can use a comma-separated list to define specific fields from tables or views, if it is needed for your configuration. The list must contain the field that is defined in the Compare Field parameter. The comma-separated list can be up to 255 alphanumeric characters in length. The list can include the following special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period(.).

    Compare Field

    Type TIMESTAMP to identify new events added between queries to the table.

    The compare field can be up to 255 alphanumeric characters in length. The list can include the special characters: dollar sign ($), number sign (#), underscore (_), en dash (-), and period(.).

    Use Prepared Statements

    Select this check box to use prepared statements, which allows the JDBC protocol source to set up the SQL statement one time, then run the SQL statement many times with different parameters. For security and performance reasons, it is suggested that you use prepared statements.

    Clear this check box to use an alternative method of querying that does not use pre-compiled statements.

    Start Date and Time

    Optional. Configure the start date and time for database polling.

    The Start Date and Time parameter must be formatted as yyyy-MM-dd HH: mm with HH specified by using a 24-hour clock. If the start date or time is clear, polling begins immediately and repeats at the specified polling interval.

    Polling Interval

    Type the polling interval, which is the amount of time between queries to the event table. The default polling interval is 10 seconds.

    You can define a longer polling interval by appending H for hours or M for minutes to the numeric value. The maximum polling interval is 1 week in any time format. Numeric values without an H or M designator poll in seconds.

    EPS Throttle

    Type the number of Events Per Second (EPS) that you do not want this protocol to exceed. The default value is 20000 EPS.

    Security Mechanism

    From the list, select the security mechanism that is supported by your DB2 server. If you don't want to select a security mechanism, select None.

    The default is None.

    Enabled

    Select this check box to enable the Pirean Access: One log source.

  5. Click Save.
  6. On the Admin tab, click Deploy Changes.

    The configuration is complete. Access Management and authentication events for Pirean Access: One are displayed on the Log Activity tab of JSA.