This guide leads you through the process that monitors your
target database and results in generating compliance reports.
Note: All GUI
fields marked with an asterisk (*) must be filled in or
specified.
The example used here assumes you will monitor
an
MS SQL Server target database. Before starting
a target connection, you need to make sure that your target
database is configured properly to be monitored by FortiDB. For
details about configuring MS SQL Server target databases, see
Configuring
the MS SQL Server Target Database
- Login to FortiDB as the FortiDB
admin user using fortidb1!$ for the password
.
- Create a target database
connection.
- Go to Target
Database Server >
Targets.
- Select the Add
button. The Target page will display. The
General tab is selected.
- Enter the information in the text
boxes marked with an asterisk (*) with settings
appropriate to your target database. Assume an MS SQL Server target
with these parameters:
- Name: Enter your target_name
- Type: Select the Microsoft SQL
Server
- DB Host Name/IP: Enter IP address or computer
name on your system that contains the Oracle target database.
- Port: 1433 (default)
- Connect At: Server Level is
selected (default)
- DB Name: Enter the name of your MS SQL Server
target database is shown and grayed out (ex. master)
- User Name: Enter a name of an MS SQL Server
database user.
- Password: Enter the password of the user.
- DB Activity Monitoring: Verify that the
'Allow' check box is selected.
- Select the Test
Connection button to verify that your target database is
reachable and that your connection parameters are correct.
You should see a 'Success' message.
- Select the
Save. target_name and related
information should appear on the Targets
page.
- Associate the policy group to the MS
SQL Server target database.
- Go to DB Activity
Monitoring > Monitoring
Management.
- Click on the name of your target
database. The Target Monitor: <your target name> page
displays. The General tab is selected.
- In the General
tab, configure the following settings:
- In the Collection Method field, SQL Trace is
selected.
- Enter a full path of the existing trace folder in the Trace
Folder field. (Ex. C:\SQLTrace)
- Set the polling frequency (60 seconds by default).
- Click the Test
button to test the collection method. The "Success" message
should be shown at the top of the page.
- Go to the Alert Policy
Groups tab.
- Select PCI
Policies and click the right arrow to move the item to the
right box.
- Select Sox
Policies and click the right arrow to move the item to the
right box.
- Click the
Save.
- Start monitoring your target.
- Go to the General
tab.
- Click the Start
Monitoring. Monitor status should show
"Running".
- Execute SQL statements in your target
database to generate data.
Note: To generate
data for History of Privilege Changes, execute SQL statements to
change privileges.
- Create a PCI compliance report.
- Go to Report >
PCI Reports in the left-side tree menu.
- Select PCI -
Successful/Unsucessful Database Logins (for this
example).
- Configure the Generate Audit
Compliance report.
- Select the PDF from the Export
as dropdown list (default).
- Enter W/R Reference if necessary.
- Set the Date Range you want to see data in the
report.
- Confirm you see your target database name in the left box. If
there is no data, the target name does not appear in the box.
- Select
Export. The File Download dialog displays.
You can open or save the report to a file.
- Create a SOX compliance report.
- Go to Report >
Sox Reports in the left-side tree menu.
- Select History Of Privilege
Changes (for this example).
- Configure the Generate Audit
Compliance report.
- Select the PDF from the Export
as dropdown list (default).
- Enter W/R Reference if necessary.
- Set the Date Range you want to see data in the
report.
- Confirm you see your target database name in the left box. If
there is no data, the target name does not appear in the box.
- Select
Export. The File Download dialog displays.
You can open or save the report to a file.