Page History
...
 | Follow these steps ... |
|---|---|
 | |
| Identify which virtual SQL Server instances you want to audit. |
| Identify which cluster nodes host each virtual SQL Server instance. Make sure that you identify the currently active node as well as any passive nodes in the same cluster. |
| On each cluster node, open port 5200 for SQLcompliance Agent communication. |
| For each cluster node, identify the folder you want to use for the SQLcompliance Agent trace directory. If a cluster node hosts more than one virtual SQL Server instance, identify a trace directory for each additional instance you want to audit. |
| For each cluster node, identify the account you want to use for the SQLcompliance Agent Service. Verify that this account can access the computer where you installed the Collection Server. Also make sure that this account belongs to the Administrators group on each node. Review the SQLcompliance Agent Service permission requirements. |
| Deploy the SQLcompliance Agent to each cluster node using the Cluster Configuration setup program. |
| Add the SQLcompliance Agent service on each cluster node using the Cluster Configuration Console. |
| Register the SQLcompliance Agent as a generic service using the Microsoft Cluster Administrator tool. |
| Register each virtual SQL Server instance with SQL Compliance Manager using the Management Console. Note that you must choose manual deployment for the SQLcompliance Agent. |
| Specify the SQL Server events you want to audit on each registered virtual SQL Server instance using the Management Console. |
| Run SQL Compliance Manager. Use report cards and the Audit Events tab to ensure you are auditing the correct SQL Server events. |
1.
| Anchor | ||||
|---|---|---|---|---|
|
| Info |
|---|
You must perform these steps on all nodes of the cluster. |
- Once the Cluster Configuration Console launches, click Add Service.
- On the General dialog window, specify the name of the clustered instance to be audited by IDERA SQL Compliance Manager and click Next.
- On the Collection Server dialog window, specify the name of the server hosting the SQLcompliance Collection Service and click Next.
- On the SQLcompliance Agent Trace Directory dialog window, specify the path on which trace files will temporarily reside before being transferred to the SQLcompliance Collection Service.
The path specified should be on a drive that is a part of the same resource group as the SQL Server instance to be audited. On the CLR Trigger Location dialog window, specify the path on which trigger assembly files will reside. The path specified should be on a drive that is a part of the same resource group as the SQL Server instance to be audited.
Click Next.Note Ensure the Agent Trace directory and the CLR Trigger location specified exist by creating the folder structure manually through Windows Explorer.
- Review the configuration and click Finish.
- The IDERA Cluster Configuration Console displays a confirmation message stating that you have successfully added the SQLcompliance Agent.
Click OK.
2.
| Anchor | ||||
|---|---|---|---|---|
|
Registering the SQLcompliance Agent service with Microsoft Failover Cluster Manager allows the Microsoft Cluster Service to manage the SQLcompliance Agent service in failover situations. This configuration ensures that auditing will continue during a failover and no audit data is lost.
...