Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Use the Console to register your SQL Servers

To register your SQL Server instance:

  1. Ensure the SQL Server instance you want to register meets the hardware and software requirements.
  2. Decide which SQL Server events you want to audit on this instance.
  3. Start the Management Console, and then click New > Registered SQL Server.
  4. Specify or browse to the SQL Server instance you want to register with SQL Compliance Manager, and then click Next. You can also specify the description SQL CM SQL Compliance Manager uses when listing this instance in the Management Console.
  5. If the SQL Server instance is hosted by a Microsoft SQL Server Cluster virtual server , select the checkbox. Click Next.
  6. Indicate whether you want to deploy the SQLcompliance Agent now or later, and then click Next. You can also choose to deploy the SQLcompliance Agent manually, allowing you to install the agent at the physical computer that is hosting the registered SQL Server instance.

    Info

    If you are auditing a virtual SQL Server or a SQL Server instance running in a non-trusted domain or workgroup , you must manually deploy the SQLcompliance Agent to the computer hosting the instance. For more information, see Deploy the SQLcompliance Agent manually.

  7. If you chose to deploy the SQLcompliance Agent now , specify the appropriate service account credentials for the agent, and then click Next. For more information, see Permissions requirements.
  8. If you chose to deploy the SQLcompliance Agent now , indicate whether you want the SQLcompliance Agent to use the default trace directory, and then click Next. By default, the trace directory path is:
    C:\Program Files\Idera\SQLcompliance\AgentTraceFiles
    If you designate a different directory path , ensure the SQLcompliance Agent Service account has read and write privileges on the specified folder.
  9. Select the server databases you want to audit, and then click Next. If you do not want to audit any databases , clear the Audit Databases check box.
  10. Select the collection level of server activities you want to audit, and then click Next.
  11. If you chose to create a custom audit collection , select the server activities you want to audit, and then click Next. You can also indicate whether you want to audit successful or failed access checks.
  12. If you chose to create a custom audit collection , specify which privileged users you want to audit, and then click Next. If you are auditing a virtual SQL Server or a SQL Server instance running in a non-trusted domain or workgroup , configure privileged user audit settings after you have deployed the SQLcompliance Agent.
  13. If you chose to create a custom audit collection , select the database activities you want to audit, and then click Next. You can also indicate whether you want to audit successful or failed access checks, capture SQL statements for DML and SELECT activity, or capture the transaction status for DML activity.
  14. If you chose to create a custom audit collection , specify which privileged users you want to audit, and then click Next.
  15. Specify whether you want to grant the assigned SQL logins read access to events audited on this SQL Server instance, and then Next. For more information, see How Console security works.
  16. Click Finish.

...

SQL Compliance Manager includes a sample instance audit settings template (Sample_Server_AuditSettings.xml) for your convenience. Use this sample template to familiarize yourself with how specific audit settings are defined. By default, the sample template is located under C:\Program Files\Idera\SQLcompliance.

To register an instance and apply the Typical (default) audit settings:

  1. Use the SQL CM Compliance Manager setup program to the target instance.
  2. In Windows Command Prompt, use the following syntax: SQLcmCmd [-host CollectionServer] [-port number] registerinstance instance.

To register an instance and apply a FERPA regulation guideline:

Info

The FERPA regulation guideline is provided as an XML template (FERPA_Server_Regulation_Guideline.xml) stored in the SQL CM SQL Compliance Manager installation directory (C:\Program Files\Idera\SQLcompliance). Ensure the path you cite for the FERPA template reflects the directory you chose during installation.

  1. Use the SQL CM Compliance Manager setup program to manually deploy the SQLcompliance Agent to the instance that hosts the target database.
  2. In Windows Command Prompt, use the following syntax: SQLcmCmd [-host CollectionServer] [-port number] registerinstance instance -config "FERPA regulation guideline file path".

To register an instance and apply a SOX regulation guideline:

Info

The SOX regulation guideline is provided as an XML template (SOX_Server_Regulation_Guideline.xml) stored in the SQL Compliance Manager installation directory (C:\Program Files\Idera\SQLcompliance). Ensure the path you cite for the SOX template reflects the directory you chose during installation.

  1. Use the SQL CM Compliance Manager setup program to manually deploy the SQLcompliance Agent to the instance that hosts the target database.
  2. In Windows Command Prompt, use the following syntax: SQLcmCmd [-host CollectionServer] [-port number] registerinstance instance -config "SOX regulation guideline file path".

To register an instance and apply a custom audit template:

  1. Determine which currently audited SQL Server instance has the audit settings you want to apply to the new instance.
  2. Export your audit settings from the source instance.
  3. Use the SQL Compliance Manager setup program to manually deploy the SQLcompliance Agent to the target instance.
  4. In Windows Command Prompt, use the following syntax: SQLcmCmd [-host CollectionServer] [-port number] registerinstance instance -config "exported audit settings file path".

 

Excerpt
SQL Compliance Manager audits all activity on your server. Learn more > >