TWTQ: SQL Server autodiscovery

TWTQ: SQL Server autodiscovery

Hey everyone!

Here's This Week's Top Question (TWTQ):

Q: What database audit reports does Log360 give me? How do I configure SQL Servers using the auto discovery feature?

A: Your organization's databases store a lot of business critical information, and are heavily targeted by internal and external attackers. A data breach could cost you heavily in terms of recovery costs, and legal and compliance fines. The time and effort required to recover from a data breach would also set your business back a long way. 

Apart from being a mandate in several compliance policies, an efficient database auditing mechanism can help avoid all of the above, and help protect your data always. 

Log360 makes database auditing easy
The EventLog Analyzer component of Log360 generates several predefined reports for Microsoft SQL Server databases, which allow you to view the following information at a glance:
  • DDL and DML activity: Includes structural level database changes like table creation, and functional usage information like data access.
  • Server level activity: Reports on server startups and shutdowns, creation of server level objects, and more.
  • Account changes: Includes data on new user accounts, password changes, and more.
  • Security attacks: Information on common attack attempts, like SQL injection or denial of service attacks.
Log360 can automatically discover SQL Server instances on your network, which means you can have your database auditing mechanism up and running in no time, and start collecting information on the above.

Configuring SQL Servers
To discover and add SQL Server instances for monitoring:
In the EventLog Analyzer component, go to Settings > Configurations > Manage Applications > SQL Servers > +Add Instance.

When you click Add Instance, SQL Server instances are automatically discovered and displayed as a list in the popup window that opens. The list displays the instance name, device name, and port number for each discovered SQL server instance. All you have to do is select the instances you wish to monitor, and click Next.

In the next step, you have to provide valid credentials for the instances. You can even choose to use the current machine logon credentials if required, and click Save.

Once you've done this, Log360 automatically starts collecting your database server logs and generates a range of database audit reports which help you tighten security and protect your sensitive data at all times.