LOGbinder SQL Event Collection from Microsoft SQL Server
The JSA DSM for Microsoft SQL Server can collect LOGbinder SQL events.
The following table identifies the specifications for the Microsoft SQL Server DSM when the log source is configured to collect LOGbinder SQL events:
Specification |
Value |
---|---|
Manufacturer |
Microsoft |
DSM name |
Microsoft SQL Server |
RPM file name |
DSM-MicrosoftSQL-JSA_version-build_number .noarch.rpm |
Supported versions |
LOGBinder SQL V2.0 |
Protocol type |
Syslog |
JSA recorded event types |
All events |
Automatically discovered? |
Yes |
Included identity? |
Yes |
More information |
LogBinder SQL website (http://www.logbinder.com/products/logbindersql/) Microsoft SQL Server website (http://www.microsoft.com/en-us/server-cloud/products/sql-server/) |
The Microsoft SQL Server DSM can collect other types of events. For more information about other Microsoft SQL Server event formats, see the Microsoft SQL Server topic in the Juniper Secure Analytics Configuring DSMs.
To collect LOGbinder events from Microsoft SQL Server, use the following steps:
-
If automatic updates are not enabled, download the most recent version of the following RPMs from the Juniper Downloads:
-
DSMCommon RPM
-
Microsoft SQL Server DSM RPM
-
Configure your LOGbinder SQL system to send Microsoft SQL Server event logs to JSA.
If the log source is not automatically created, add a Microsoft SQL Server DSM log source on the JSA Console. The following table describes the parameters that require specific values that are required for LOGbinder event collection:
Table 2: Microsoft SQL Server Log Source Parameters for LOGbinder Event Collection Parameter
Value
Log Source type
Microsoft SQL Server
Protocol Configuration
Syslog
Configuring Your LOGbinder SQL System to Send Microsoft SQL Server Event Logs to JSA
To collect Microsoft SQL Server LOGbinder events, you must configure your LOGbinder SQL system to send events to JSA.
Configure LOGbinder SQL to collect events from your Microsoft SQL Server. For more information, see your LOGbinder SQL documentation.
Open the LOGbinder SQL Control Panel.
Double-click Output in the Configure pane.
Choose one of the following options:
Configure for Syslog-Generic output:
In the Outputs pane, double-click Syslog-Generic.
Select the Send output to Syslog-Generic check box, and then enter the IP address and port of your JSA Console or Event Collector.
Configure for Syslog-LEEF output:
In the Outputs pane, double-click Syslog-LEEF.
Select the Send output to Syslog-LEEF check box, and then enter the IP address and port of your JSA Console or Event Collector.
Click OK.
To restart the LOGbinder service, click the Restart icon.