Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Sophos Enterprise Console

 

JSA has two options for gathering events from a Sophos Enterprise Console by using JDBC.

The Sophos Enterprise Console DSM for JSA accepts events by using Java Database Connectivity (JDBC).

JSA records all relevant anti-virus events. This document provides information on configuring JSA to access the Sophos Enterprise Console database by using the JDBC protocol.

To use the Sophos Enterprise Console protocol, you must ensure that the Sophos Reporting Interface is installed with your Sophos Enterprise Console. If you do not have the Sophos Reporting Interface, you must configure JSA by using the JDBC protocol. For information on installing the Sophos Reporting Interface, see your Sophos Enterprise Console documentation.

To gather events from a Sophos Enterprise Console:

  1. Configuring the Database View.

  2. Select the method that best applies to your Sophos Enterprise Console installation:

Configuring the Database View

To integrate JSA with Sophos Enterprise Console:

  1. Log in to your Sophos Enterprise Console device command-line interface (CLI).
  2. Type the following command to create a custom view in your Sophos database to support JSA:

    Where <Database Name> is the name of the Sophos database.

    Note

    The database name must not contain any spaces.

After you create your custom view, you must configure JSA to receive event information that uses the JDBC protocol or the Sophos Enterprise Console JDBC protocol.

Sophos Enterprise Console JDBC Log Source Parameters for Sophos Enterprise Console

If JSA does not automatically detect the log source, add a Sophos Enterprise Console log source on the JSA Console by using the Sophos Enterprise Console JDBC protocol.

When using the Sophos Enterprise Console JDBC protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect Sophos Enterprise Console JDBC events from Sophos:

Table 1: Sophos Enterprise Console JDBC log source parameters for the Sophos Enterprise Console DSM

Parameter

Value

Log Source Type

Sophos Enterprise Console

Protocol Configuration

Sophos Enterprise Console JDBC

Log Source Identifier

Type the identifier for the log source. Type the log source identifier in the following format:

<Sophos Database>@<Sophos Databas Server IP or Host Name>, where:

  • <Sophos Database> is the database name, as entered in the Database Name parameter.

  • <Sophos Database Server IP or Host Name> is the host name or IP address for this log source, as entered in the IP or Hostname parameter.

When you define a name for your log source identifier, you must use the values of the Sophos Database and Database Server IP address or host name from the Management Enterprise Console.

JDBC Log Source Parameters for Sophos Enterprise Console

If JSA does not automatically detect the log source, add a Sophos Enterprise Console log source on the JSA Console by using the JDBC protocol.

When using the JDBC protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect JDBC events from Sophos Enterprise Console:

Table 2: JDBC Log Source Parameters for the Sophos Enterprise Console DSM

Parameter

Value

Log Source Type

Sophos Enterprise Console

Protocol Configuration

JDBC

Log Source Identifier

Type the IP address or host name for the log source as an identifier for events from your Sophos Enterprise Console devices.