frankabhinav Super Contributor.
Super Contributor.
1338 views

Configuring PAM for Database Monitoring

I have followed the link https://www.netiq.com/documentation/privileged-account-manager-3/npam_admin/data/pamconfiguration_dbmonitoring.html
for monitoring MS SQL but when i am seeing inside my reporting tab there is no log is made by the rule.

How to check log for database connection?

Do i need to enter run user as SA(defualt user inside MS SQL)?

Do i need to install some odbc driver?
if yes, Can provide me with step for suse linux(SUSE Linux Enterprise Server 11 SP3 (x86_64) - Kernel \r (\l).).

Thanks
0 Likes
7 Replies
frankabhinav Super Contributor.
Super Contributor.

Re: Configuring PAM for Database Monitoring

Attaching a pdf for your reference
0 Likes
vertika Absent Member.
Absent Member.

Re: Configuring PAM for Database Monitoring

Hi

For MSSQL database connection, please check in PAM Admin console --> Hosts --> PAM Manager Packages --> DBaudit package --> settings --> SQL Server Browser Service is running

If the DB connection is established via PAM then Reporting Console will show the logs.

Any DB user who has permissions for accessing the DB can be used

For DB access and monitoring, there is no need of installing any odbc drivers

Thanks,
Vertika
0 Likes
frankabhinav Super Contributor.
Super Contributor.

Re: Configuring PAM for Database Monitoring

Thanks Vertica,

Yes, DBaudit package is not there for windows machine.

But isnt there any way so that i can monitor the database.

1. Like installing framework manager on a linux system then register it on the windows machine .So there we can have all the packages
Because I have done for SSH agent and it is working fine for me.
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Configuring PAM for Database Monitoring

Yes, that approach should work.

The dbaudit package, which is used in database monitoring, is supported only on Linux servers (see Supported Database Versions and Platforms).

For more details on this feature, please refer to Privileged Account Monitoring of Database.
0 Likes
frankabhinav Super Contributor.
Super Contributor.

Re: Configuring PAM for Database Monitoring

I have done all the configuration .

My Database connector is fetching all the information and also added the Rule

For you reference i have added pdf in earlier post but still no log is made for DBMSSql server
0 Likes
frankabhinav Super Contributor.
Super Contributor.

Re: Configuring PAM for Database Monitoring

Is there any log to check . So that i can identify the error leaving out PAM logs.

How can we configure PAM user in MS SQL .?
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Configuring PAM for Database Monitoring

Regarding user configuration, it proxy forwards the authentication request from the db client, "Privileged Account Manager receives the connection request from the database client and sends the connection request to the database server."
https://www.netiq.com/documentation/privileged-account-manager-3/npam_admin/data/b1ff3o0v.html

For logging, please set to DEBUG and use the unifid.log - same log for everything.
There is an additional client level logging that can be enabled temporarily: https://www.novell.com/support/kb/doc.php?id=7021106.

If there is trouble authenticating users through PAM, then I suspect the target db is rejecting the connection from PAM.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.