IBM Privileged Session Recorder
The JSA DSM for IBM Privileged Session Recorder can collect event logs from your IBM Privileged Session Recorder device.
The following table lists the specifications for the IBM Privileged Session Recorder DSM.
Table 1: IBM Privileged Session Recorder Specifications
Specification | Value |
|---|---|
Manufacturer | IBM |
DSM name | Privileged Session Recorder |
RPM filename | DSM-IBMPrivilegedSessionRecorder |
Protocol | JDBC |
JSA recorded event types | Command Execution Audit Events |
Automatically discovered? | No |
Includes identity? | No |
More information |
To collect IBM Privileged Session Recorder events, use the following procedures:
If automatic updates are not enabled, download and install the following RPMs on your JSA Console:
Protocol-JDBC RPM
IBM Privileged Session Recorder DSM RPM
On the IBM Security Privileged Identity Manager dashboard, obtain the database information for the Privileged Session Recorder data store and configure your IBM Privileged Session Recorder DB2 database to allow incoming TCP connections.
For each instance of IBM Privileged Session Recorder, create an IBM Privileged Session Recorder log source on the JSA Console. Use the following table to define the Imperva SecureSphere parameters:
Table 2: IBM Privileged Session Recorder Log Source Parameters
Parameter
Description
Log Source Type
IBM Privileged Session Recorder
Protocol Configuration
JDBC
Log Source Identifier
DATABASE@HOSTNAME
Database Type
DB2
Database Name
The Session Recorder data store name that you configured on the IBM Privileged Identity Manager dashboard.
IP or Hostname
The Session Recorder database server address.
Port
The port that is specified on IBM Privileged Identity Manager dashboard.
Username
The DB2 database user name
Password
The DB2 database password
Predefined Query
IBM Privileged Session Recorder
Use Prepared Statements
This option must be selected.
Start Date and Time
The initial date and time for the JDBC retrieval.
Configuring IBM Privileged Session Recorder to Communicate with JSA
Before you can configure a log source in IBM Privileged Session Recorder for JSA, obtain the database information for the Privileged Session Recorder data store. You must also configure your IBM Privileged Session Recorder DB2 database to allow incoming TCP connections from JSA.
IBM Privileged Session Recorder is a component of IBM Security Privileged Identity Manager.
- Log in to the IBM Security Privileged Identity Manager web user interface.
- Select the Configure Privileged Identity Manager tab.
- Select Database Server Configuration in the Manage External Entities section.
- In the table, double-click the Session Recording data store row in the Database Server Configuration column.
- 5. Record the following parameters to use when you configure
a log source in JSA:
IBM Privileged Session Recorder Field
JSA Log Source Field
Hostname
IP or Hostname
Port
Port
Database name
Database Name
Database administrator ID
Username
JDBC Log Source Parameters for IBM Privileged Session Recorder
If JSA does not automatically detect the log source, add an IBM Privileged Session Recorder log source on the JSA Console by using the JDBC protocol.
When using the JDBC protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect JDBC events from IBM Privileged Session Recorder:
Table 3: JDBC Log Source Parameters for the IBM Privileged Session Recorder DSM
Parameter | Value |
|---|---|
Log Source type | IBM Privileged Session Recorder |
Protocol Configuration | JDBC |