000034475 - Test an ODBC connection from a RSA Security Analytics Log Collector

Document created by RSA Customer Support Employee on Dec 2, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000034475
Applies ToRSA Product Set: RSA Security Analytics
RSA Product/Service Type: RSA Security Analytics Log Collector
Issue

1. How to get additional ODBC connection tracing from a Log Collector test connection?
2. How to test an ODBC connection from a RSA Security Analytics Log Collector?

Resolution

1. Enable additional ODBC connection tracing



Add the following lines to the beginning of the /etc/netwitness/ng/odbc.ini file.
 


[ODBC]
Trace=1
TraceFile=/tmp/odbc-trace.log
TraceDll=/opt/netwitness/odbc/lib/R3trc26.so
TraceOptions=3

 

Where:
Trace=1, or Trace=yes, is to enable the trace logging
TraceFile is the directory, and the pre-fix filename used for the trace files, for example see files /tmp/odbc-trace01.log and /tmp/odbc-traceINFO.log
User-added image
TraceDll is the Progress Dll to be used to do the tracing, the file must exist in the path provided.
TraceOptions:


  • If set to 0, the driver uses standard ODBC tracing.
  • If set to 1, the log file includes a timestamp on ENTRY and EXIT of each ODBC function.
  • If set to 2, the log file prints a header on every line. By default, the header includes the parent process ID and process ID.
  • If set to 3, both TraceOptions=1 and TraceOptions=2 are enabled. The header includes a timestamp as well as a parent process ID and process ID.


To disable either remove the added Trace lines, or change to Trace=0, or put a "#" character a the beginning of each Trace line.
 


2. Test an ODBC connection on a RSA Security Analytics Log Collector appliance



Requires the nwlogcollectortools rpm package to be installed on the Log Collector appliance.
If it is not already installed, install it with the command,
rpm -Uvh nwlogcollectortools
a. Set the following environment variables:
export LD_LIBRARY_PATH=/opt/netwitness/odbc/lib:/usr/lib64 LD_LIBRARY_PATH
export ODBCINI=/etc/netwitness/ng/odbc.ini
export ODBCINST=/opt/netwitness/odbc/odbcinst.ini

b. Run the ODBC connection test with the following command:
/usr/bin/NwOdbcExample --dsn=<DSN> --username=<USER> --password=<PASSWORD>
Where:
<DSN> is a dsn entry already configured in the /etc/netwitness/ng/odbc.ini file
<USER> is the Database username, it is best to use the username configured in the Log Collector, to test how SA will try to login to the database
<PASSWORD> Database password
If the command is successful it will return a SQL> prompt.
You can run a SQL command, like to test if the Database username has permission to access a database table
You can use "quit" to exit the SQL prompt.
User-added image

Attachments

    Outcomes