1. Enable additional ODBC connection tracing
Add the following lines to the beginning of the /etc/netwitness/ng/odbc.ini file.
Trace=1, or Trace=yes, is to enable the trace logging
TraceFile is the directory, and the pre-fix filename used for the trace files, for example see files /tmp/odbc-trace01.log and /tmp/odbc-traceINFO.log
TraceDll is the Progress Dll to be used to do the tracing, the file must exist in the path provided.
- If set to 0, the driver uses standard ODBC tracing.
- If set to 1, the log file includes a timestamp on ENTRY and EXIT of each ODBC function.
- If set to 2, the log file prints a header on every line. By default, the header includes the parent process ID and process ID.
- If set to 3, both TraceOptions=1 and TraceOptions=2 are enabled. The header includes a timestamp as well as a parent process ID and process ID.
To disable either remove the added Trace lines, or change to Trace=0, or put a "#" character a the beginning of each Trace line.
2. Test an ODBC connection on a RSA Security Analytics Log Collector appliance
Requires the nwlogcollectortools rpm package to be installed on the Log Collector appliance.
If it is not already installed, install it with the command,
rpm -Uvh nwlogcollectortools
a. Set the following environment variables:
export LD_LIBRARY_PATH=/opt/netwitness/odbc/lib:/usr/lib64 LD_LIBRARY_PATH
b. Run the ODBC connection test with the following command:
/usr/bin/NwOdbcExample --dsn=<DSN> --username=<USER> --password=<PASSWORD>
<DSN> is a dsn entry already configured in the /etc/netwitness/ng/odbc.ini file
<USER> is the Database username, it is best to use the username configured in the Log Collector, to test how SA will try to login to the database
<PASSWORD> Database password
If the command is successful it will return a SQL> prompt.
You can run a SQL command, like to test if the Database username has permission to access a database table
You can use "quit" to exit the SQL prompt.