- Created by Maksim Kuzmov, last modified by Pavel Golubnichiy on Jan 24, 2020
The current version of Indeed Log Server supports:
- Windows Event Log
- Microsoft SQL Server
- PostgreSQL Pro
Events can be read from only one source, and recorded to several sources simultaneously.
The read and write sources are configured in the configuration file C:\inetpub\wwwroot\ils\clientApps.config in the <Application Id="pam" SchemaId="Pam.Schema"> section.
The source for reading events is specified in the tags <ReadTargetId> .. </ReadTargetId>.
Sources for recording events are specified one by one in the <TargetId> .. </TargetId> tags and are listed in the WriteTargets section.
Configuring reading and writing events in the Windows Event Log
Go to the C:\inetpub\wwwroot\ils directory and edit the clientApps.config file by changing the item:
<!--<Application Id="pam" SchemaId="Pam.Schema">
<ReadTargetId>pamEventLogTarget</ReadTargetId>
<WriteTargets>
<TargetId>pamEventLogTarget</TargetId>
</WriteTargets>
<AccessControl>
<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />
</AccessControl>
</Application>-->
this way:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>pamEventLogTarget</ReadTargetId> <WriteTargets> <TargetId>pamEventLogTarget</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>
Below, in the Targets section, make sure there is an uncommented line
<Target Id="Pam.EventLogTarget" Type="eventlog"/>
Setting up reading and writing events in the DBMS
Microsoft SQL Server
- Go to the directory C:\inetpub\wwwroot\ils\targetConfigs, create a copy of the file sampleDb.config and rename it to mssqlDb.config, then edit the mssqlDb.config file according to the settings below:
<Settings>… </Settings>:- Data Source - Name of the Microsoft SQL Server/PostgreSQL Pro server or named instance of Microsoft SQL Server
- Initial Catalog - database name (ILS)
- User ID - service account for working with Indeed PAM databases
Password - service account password
<Settings> <ConnectionString>Data Source=SQLServer;Database=ILS;Integrated Security=False;User ID=IPAMSQLService;Password=Password</ConnectionString> </Settings>
If using a named instance of Microsoft SQL Server, the value of the Data Source parameter must be set in the format <server name>\<instance name>.
<Settings> <ConnectionString>Data Source=MSSQLServer\Named instance; ... </ConnectionString> </Settings>
In the file C:\inetpub\wwwroot\ils\clientApps.config edit the Application section for work with the mssqlDb.config file:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>mssqlDb</ReadTargetId> <WriteTargets> <TargetId>mssqlDb</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>Next in the same file in the Targets section add a new element:
<Targets> ... <Target Id="mssqlDb" Type="mssql"/> </Targets>
PostgreSQL Pro
- Go to C:\inetpub\wwwroot\ils\targetConfigs directory, create a copy of the file sampleDb.config rename it to postgresDb.config, then edit the postgresDb.config file similar to the settings for Microsoft SQL Server.
In the file C:\inetpub\wwwroot\ils\clientApps.config edit the Application section for work with the postgresDb.config file:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>postgresDb</ReadTargetId> <WriteTargets> <TargetId>postgresDb</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>Next, in the same file in the Targets section add a new element:
<Targets> ... <Target Id="postgresDb" Type="pgsql"/> </Targets>
Configuring event reading in the DBMS, recording events in both the Windows Event Log and the DBMS
- Go to C:\inetpub\wwwroot\ils\targetConfigs directory, create a copy of the file sampleDb.config, edit it in a way of the type of DBMS used according to the instructions above.
In the fileC:\inetpub\wwwroot\ils\clientApps.config edit the Application section this way:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>mssqlDb</ReadTargetId> <WriteTargets> <TargetId>mssqlDb</TargetId> <TargetId>Pam.EventLogTarget</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application>This example shows the configuration for reading events from the Microsoft SQL Server, writing events to the Microsoft SQL Server and Windows Event Log.
- No labels