Re: Logging to SQL Server

• From: "cismic" <cismic@xxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 12 Apr 2004 13:30:59 -0700

Actually, the setup below works great! However, I still don't like writing
directly to the SQL machines.
I setup ISA to save into the follow and have created a structure like this:

\\ISALOGS
\\ISALOGS\PACKET\
\\ISALOGS\FIREWALL\
\\ISALOGS\PROXY\

Then nightly around (1800) 6:00 PM pacific time which is an hour past the
time my logs change
I move the daily logs into:
\\ISALOGSOLD
\\ISALOGSOLD\PACKET\
\\ISALOGSOLD\FIREWALL\
\\ISALOGSOLD\PROXY\
The reason I do this is that when you setup logs in ISA the default is 7
days of logs to store, so If you forgot
to move the logs they all get written over again. You could change the
number of logging days but it's not necessary when you follow the above
sequence. The nice thing is that it is automated.

The next step is processing the logs. I setup a scheduled job to run at
night for each of the 3 logs that import into my StatSphere Database.  After
each log is imported the log files are moved into:
\\ISLOGSPROCESSED
\\ISALOGSPROCESSED\PACKET\
\\ISALOGSPROCESSED\FIREWALL\
\\ISALOGSPROCESSED\PROXY\
Once there I back them up to tape and delete.

I've been testing out some additional functionality that will help with the
speed of the import using the BATCH IMPORT funcitions of SQL. So, I've
created a tool that strips out the comments from each log.  I'll keep you
all posted on that one.

Thank you,

Joseph

----- Original Message ----- 
From: "Greg Hess" <gmh@xxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, April 12, 2004 11:28 AM
Subject: [isalist] Re: Logging to SQL Server


http://www.ISAserver.org

Is the only way to do this, then, to log in my ISA server under a user
account with permissions? (I should say here that we don't use SQL
logins, only MS authentication on the SQL server). This seems an odd way
to go, having to have the server 'logged in' in order for this to work.

G.

-----Original Message-----
From: cismic [mailto:cismic@xxxxxxx]
Sent: Monday, April 12, 2004 1:58 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Logging to SQL Server


http://www.ISAserver.org

ISA Server >> ODBC DRIVER >> REMOTE SQL

On my ISA Server I utilize HOSTS FILE.  I setup where my SQL machine
resides so that when I create an ODBC rule, the host header knows what
to grab. I'm not sure where your SQL machine resides.  I have a back to
back setup ISASERVER >> DMZ >> ISASERVER >> SQL MACHINE On my second ISA
server is where I have the publishing rule for the SQL machine.
Machines in the DMZ use the hosts file to point to the external NIC of
the internal ISASERVER. I also, don't use "SA" without a password nor do
I use "SA" with a password on my machines in the DMZ or external
ISASERVER.

On my SQL Machine, I create a local user (example) LoggingUser with log
on locally rights. Then I create a new logon user in SQL and point to my
statistics DB as the default DB for that user. Once all that is done and
you have created similar users on the machines in the DMZ then you can
utilize a trusted connection via only with "LoggingUser" This user does
not need to be part of the internal ACTIVE DIRECTORY.  So, when you
create you ODBC connection specify the LoggingUser account along with
your password that you setup for that account.  Rember the password
would be the same on the ISASERVER LoggingUser and the SQL LoggingUser.

HTH,
Joseph

----- Original Message ----- 
From: "Greg Hess" <gmh@xxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, April 12, 2004 8:58 AM
Subject: [isalist] Logging to SQL Server


http://www.ISAserver.org

Hello everyone,

     I am trying to configure logging to our SQL server from our ISA
server. I followed the article on ISAserver.org and I can test the ODBC
connection fine, but when I configure the logging and restart the
service I get an error indicating I don't have permissions. This is a
remote SQL box, do I have to configure the services to start under
another user account or...something? Any help is appreciated.

Tx.
Greg.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1
Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmh@xxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server
• » Re: Logging to SQL Server

1. Home
2. isalist
3. Archive
4. 04-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---