This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA NetWitness® Platform Discussions

Discussions about the RSA NetWitness Platform.
OrnaldoNaqellar
Beginner
Beginner
‎2019-01-16 08:37 AM

SQL SERVER BEST PRACTICE LOG COLLECT

Hello,

 

I'm trying to configure sql servers to send logs into RSA. Please can anyone share the experience which is the best recommanded way to do it ? The documents are just a bit confusing to me: File (ERRORLOG), Windows Eventing (MS SQL Ser-vice Logs and SQL Auditing) or ODBC (SQL Auditing) ? Based on some resources SQL Server Audit Logging  they suggest to do the File mode.

 

Also I'm having problems doing the configuration for File mode. What is File Directory ?

 

Thank You

Labels (1)
Labels
0 Likes
Reply
2 Replies
DaveGlover
Contributor Contributor
Contributor
‎2019-01-16 09:20 AM

Ornaldo

 

Typically I use ODBC as a collection method. When using ODBC it is important to pare down the collection script to reflect only what you need for events from the SQL server.

 

Dave

Reply
OrnaldoNaqellar
Beginner
Beginner
In response to DaveGlover
‎2019-02-19 08:02 AM

Thank You Dave. I'm trying to do ODBC or File with Error Log. Is there any difference ? ODBC mode i found too complicated with all the scripts to execute etc

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.