Is anyone collecting logs from Centrify? This tool tracks all Unix-related commands and stores them in a MS SQL DB.
I am trying to pull data from several tables using a read-only access account but I have not been successful yet.
I've not heard of anyone pulling logs from Centrify. Request it from RSA here:
They might also be a good candidate for the partner program, if they are willing to write the XML with ESI. More info available in the partner code section of the IC.
Getting event data from databases tends to be pretty easy. Look at some of the other ODBC collection types to get a feel for how they are working. Basically, you need to work on getting your SQL query correct before you can really kick off the UDS via the ESI tool. Any chance you can provide a sample of what your query would look like and the data it is returning?
I'd work on the query with a standard SQL tool. Then look at pulling the logs to enVision.
The "Suggest New" link doesn't work anymore, and I haven't been able to locate its replacement. I just opened a case today to ask about Centrify support. Based on the age of this thread, I'm guessing it might be a while if no one else has asked.
I got this link for the "New Device Request" from Support: