| Table of Contents | ||||
|---|---|---|---|---|
|
Overview
Microsoft SQL Server is a relational database management system that offers a wide range of features and services. However, this also creates a large surface area for potential attacks and vulnerabilities. To address these concerns, SQL Server auditing is used to meet compliance requirements, diagnose database issues and investigate any suspicious activityWe are providing you with the steps to integrate your Microsoft SQL Server with Seceon SIEM so One can have Comprehensive visibility and Proactive Threat Detection in your Environment. There will be a log transfer between your firewall to APE(Analytics and Policy Engine) via CCE (Collection and Control Engine ). In this document, we are guiding you through the steps for forwording logs.
1-Enabling logging for logins
...
Open Microsoft SQL Management Studio with the appropriate credentials.
In Object Explorer, right-click on the database server and select Properties.
...
In the Properties panel, select Securityin the Select a page section.
In Login auditing, select Both failed and successful logins.
...