Database Connectors
The following database connectors are available for installation with ArcSight Express:
-
IBM SiteProtector DB*
-
McAfee ePolicy Orchestrator DB*
-
McAfee Vulnerability Manager DB*
-
McAfee Network Security Manager DB*
-
Microsoft SQL Server Audit Multiple Instance DB*
-
Oracle Audit DB
-
Symantec Endpoint Protection DB*
-
Trend Micro Control Manager NG DB*
-
Snort DB*
*These connectors extract events from an SQL Server or MySQL databases, which requires a JDBC driver. See Add a JDBC Driver for instructions.
All of these database connectors require the following information when being added to ArcSight Express; some connectors require additional parameters, such as event types or polling frequency.
Parameter |
Description |
---|---|
Database JDBC Driver |
If you are using an ODBC DRIVER, select 'sun.jdbc.odbc.JdbcOdbcDriver' driver. For JDBC drivers, select the 'com.microsoft.sqlserver.jdbc.SQLServerDriver' driver. |
Database URL |
If you are using an ODBC DRIVER, enter: 'jdbc:odbc:<ODBC Data Source Name>, where the <ODBC Data Source Name> is the name of the ODBC data source you just created. If you are using a JDBC DRIVER, enter: 'jdbc:sqlserver://<MS SQL Server Host Name or IP Address>:1433;DatabaseName=<MS SQL Server Database Name>,' substituting actual values for <MS SQL Server Host Name or IP Address> and <MS SQL Server Database Name>. |
Database User |
Enter the login name of the database user with appropriate privilege. |
Database Password |
Enter the password for the SiteProtector Database User. |