In order to manage an instance, access its details, and add it to your monitored environment, you need to register it with IDERA SQL Compliance Manager.

You can find the Add or Add SQL Server Instance option on the following views:

  • Instances - The Add button is located in the action items bar.
  • Administration - Located in the Instances section.

Below you can see the tabs and sections where you can find Add or Add SQL Server Instance.




The Add Server window of the Server Configuration wizard allows you to specify the SQL Server instance you want to register with IDERA SQL Compliance Manager. Once you register an instance, you can begin auditing database activity on that server.


To add an instance:

  1. In the Add Server page of the Server Configuration wizard, type the name of the target SQL Server instance you want to register in the SQL Server field, and then click Next. To browse through the instances in your environment, click the available search button. The Select SQL Server dialog appears. Select the appropriate instance, and then click OK.
  2. In the Cluster Server window, check This SQL Server instance is hosted by a Microsoft SQL Server Cluster virtual server if the instance is part of a clustered environment, and then click Next. Leave this box clear if the instance is not in a clustered environment.
  3. In the SQLcompliance Agent Deployment window, select whether you want to deploy the SQLcompliance Agent now or later, or if you want to manually install the Agent.
    • Deploy Now. Installs the SQLcompliance Agent when you complete the wizard. You must have a connection between the SQL Server that you want to audit and the Management Console.
    • Deploy Later. Does not install the SQLcompliance Agent. Select this option when you plan to install the SQLcompliance Agent later using the Management Console, such as installing during off-hours.
    • Manually Deploy. Does not install the SQLcompliance Agent. Select this option when you want to manually install the agent directly on the physical computer hosting the SQL Server instance. Note that this option is required for virtual SQL Server instances and instances located across a domain trust boundary.

      If you are auditing a virtual SQL Server, you must manually deploy the SQLcompliance Agent to each cluster node hosting the server. Use the Cluster Configuration Console to deploy and configure the SQLcompliance Agent. For more information about installing and configuring the SQLcompliance Agent for a virtual SQL Server, see Audit a virtual SQL Server instance.

      If you are auditing a SQL Server instance hosted by a computer that belongs to a non-trusted domain or a workgroup, you must manually deploy the SQLcompliance Agent to the host computer using the SQL Compliance Manager setup program.

  4. Click Next.
  5. In the SQLcompliance Agent Service Account window, type the service account name and password, confirm the password, and then click Next. The SQLcompliance Agent Service uses this account to stop and start SQL Server traces, execute stored procedures, manage trace files, and communicate with the Collection Server. Ensure you specify a valid Windows account that has SQL Server System Administrator privileges on the target SQL Server instance as well as read and write access to the specified trace directory.
  6. In the SQLcompliance Agent Trace Directory window, choose whether you want to use the default path for the agent trace directory, and then click Next. If you specify a different directory path, ensure the SQLcompliance Agent Service account has read and write privileges on that folder. SQL Compliance Manager does not change the security settings on existing folders.
  7. In the Database Selection window, select the database(s) you want to be audited, and then click Next. Note that you can click Select All as a shortcut.
  8. In the Server Audit Settings window, specify which types of SQL Server events you want to audit on the selected instance, and then click Next. Based on your selections, SQL Compliance Manager collects and processes the corresponding SQL Server events. You can choose to audit event categories and user defined events. An event category includes related SQL Server events that occur at the server level. A user defined event is a custom event you create and track using the sp_trace_generateevent stored procedure.
    • Default.
    • Custom.
    • Regulation.
  9. The Permissions Check window of the Configuration wizard displays the results of a check of the permissions required by IDERA SQL Compliance Manager on the SQL Server instance you want to monitor.

    If the check fails, review the issue, make the required change to the target SQL Server instance, and then click Re-check. Once the check in complete, click Next to continue.

    Required permissions include:

    • Collection Service must have rights to the Repository databases
    • Collection Service must have rights to read the registry at HKEY_LOCAL_MACHINE\Software\Idera\SQLcompliance
    • Collection Service must have permissions to the collection trace directory
    • Agent Service must have permissions to the agent trace directory
    • Agent Service must have rights to read the registry at HKEY_LOCAL_MACHINE\Software\Idera\SQLcompliance
    • Agent Service must have rights to the SQL Server instance
    • SQL Server must have permissions to the agent trace directory
    • SQL Server must have permissions to the collection trace directory

    You can make changes to the registry at HKEY_LOCAL_MACHINE\Software\Idera\SQLcompliance to update permissions for your services. for more information about the registry key, see Manage the registry key.

    Re-check allows you to re-check the required permissions after making an update to the target SQL Server instance in case the preliminary check fails.


  10. In the Summary window, review the provided summary, and then click Finish. When you complete this wizard, SQL Compliance Manager enables auditing on the selected databases. The Collection Server uses the settings you specified to process the raw audit data (SQL Server events) collected from the SQL Server instance.

    If you want to change a setting now, click Prev to return to the appropriate window. You can also change audit settings later using the Audited Database Properties window.

    Once complete, the newly-added SQL Server instance appears in the Audited Instances list.



IDERA Website | Products Buy Support Community About Us | Resources Legal

  • No labels