Installation and Upgrade Guides › Policy Server Installation Guide › Configuring CA SiteMinder® Data Stores in a Relational Database › How to Store Audit Logs in MySQL
How to Store Audit Logs in MySQL
Complete the following procedures to configure MySQL as a standalone audit log store:
- Be sure that MySQL is installed using the default character set (Latin1). If MySQL was not installed using the default character set, reinstall MySQL before configuring the CA SiteMinder® data store.
- Gather database information.
- Create the audit log schema.
- Configure a MySQL data source for CA SiteMinder®.
- Point the Policy Server to the database.
- Restart the Policy Server.
More information:
Gather Database Information
Configure a MySQL Data Source for CA SiteMinder®
Create the Audit Log Schema
You create the audit log schema so the MySQL database can store audit logs.
Follow these steps:
- Log in to the Policy Server host system.
- Navigate to the following location:
siteminder_home\db\tier2\MySQL.
- siteminder_home
-
Specifies the Policy Server installation path.
- Open the following file in a text editor:
sm_mysql_logs.sql
- Locate the following lines:
DROP FUNCTION IF EXISTS `databaseName`.`getdate` $$
CREATE FUNCTION `databaseName`.`getdate` () RETURNS DATE
- Replace each instance of 'databaseName' with the name of the database functioning as the audit store.
- Copy the contents of the entire file.
- Paste the file contents into a query and execute the query.
The audit store schema is created.
Point the Policy Server to the Database
You point the Policy Server to the database so the Policy Server can read and store audit logs.
To point the Policy Server to the data store
- Open the Policy Server Management Console, and click the Data tab.
Database settings appear.
- Select ODBC from the Storage list.
ODBC settings appear.
- Select Audit Logs from the Database list.
- Select ODBC from the Storage list.
Data source settings become active.
- Enter the name of the data source in the Data Source Information field.
- (Windows) this entry must match the name you entered in the Data Source Name field when you created the data source.
- (UNIX) this entry must match the first line of the data source entry in the system_odbc.ini file. By default, the first line in the file is [CA SiteMinder® Data Sources]. If you modified the first entry, be sure that you enter the correct value.
- Enter and confirm the user name and password of the database account that has full access rights to the database instance in the respective fields.
- Specify the maximum number of database connections allocated to CA SiteMinder®.
Note: We recommend retaining the default for best performance.
- Click Apply.
The settings are saved.
- Click Test Connection.
SiteMinder returns a confirmation that the Policy Server can access the data store.
- Click OK.
The Policy Server is configured to use the database as an audit logging database.
Restart the Policy Server
You restart the Policy Server for certain settings to take effect.
Follow these steps:
- Open the Policy Server Management Console.
- Click the Status tab, and click Stop in the Policy Server group box.
The Policy Server stops as indicated by the red stoplight.
- Click Start.
The Policy Server starts as indicated by the green stoplight.
Note: On UNIX or Linux operating environments, you can also execute the stop-all command followed by the start-all command to restart the Policy Server. These commands provide an alternative to the Policy Server Management Console.
Copyright © 2014 CA.
All rights reserved.
|
|