Database activity monitoring (DAM) : Configuring target database monitoring : Configuring monitoring using the TCP/IP sniffer (all database types)
 
Configuring monitoring using the TCP/IP sniffer (all database types)
FortiDB can monitor database activity using its TCP/IP sniffer.
The activity auditing and profiling features require the TCP/IP sniffer.
1. To configure a target to support database activity monitoring, on the General tab for the target, for DB Activity Monitoring, select Allow.
For more information on target configuration, see “Adding (or modifying) a target connection”.
2. Go to DB Activity Monitoring > Monitoring Management, and then click the name of the target.
3. On the General tab, complete the following settings:
Collection Method
Select TCP/IP Sniffer.
Version
Select the version of the target database.
FortiDB supports the following versions:
 
Oracle
9i, 10g, 11g
 
Microsoft SQL Server
2000, 2005, 2008, 2008_R2, 2012
 
DB2
UDB 9.1, 9.5, 9.7
 
Sybase
ASE 12.5, 15.0, 15.5, 15.7
SSL Certificate Private Key
For Microsoft SQL Server databases only.
If SSL encryption is enabled, select the SSL Certificate Private Key file and enter the Key Password (if you have it) that FortiDB uses.
The SSL Certificate for SSL encryption is configured on the server side.
SSL Certificate Private Key (P12)
For Oracle databases only.
If SSL encryption is enabled and certificate information is stored in PKCS #12 format, select the certificate file and enter the Key Password.
The SSL Certificate for SSL encryption is configured on the server side. For more information, see “Monitoring encrypted Oracle traffic”.
SSL Certificate Private Key (SSO)
For Oracle databases only.
If SSL encryption is enabled, select the X.509 format certificate file and enter the Key Password.
Sniffer on Port
Specify the FortiDB port that is connected to the switch's SPAN port.
Enable Activity Auditing
Select to enable activity auditing.
Log All
Select to audit all activity. Otherwise, FortiDB audits only activity captured by the policies specified by the Audit Policies tab.
Enable Activity Profiling
Select to enable activity profiling.
4. If you did not select Log All, to specify the activity that is audited, do one of the following:
On the Audit Polices tab, create a list of one or more policies to use.
On the Audit Policy Groups tab, select one or more policy groups to use.
For information on adding audit policies and audit policy groups to the configuration, see “Adding alert and audit policies to monitoring”.
By default, no audit policies or policy groups are specified.
5. On the General tab, under Monitoring, click Start Monitoring.
For more information about monitoring, see “Monitoring settings and messages”.
See also
Target monitoring configuration tabs and options
Network requirements for monitoring using the TCP/IP sniffer