This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

MSSQL integration

Go to solution
Anonymous
Not applicable

‎2014-02-04 07:40 AM

I am trying to integrate MSsql with my test lab and did all the setting as per device configuration guide, added dsn in SA and restarted the odbc but getting an error like :- tail -f /var/log/messages

Feb  4 17:53:42 NWAPPLIANCE10318 nw[1526]: [OdbcCollection] [failure] [mssql.MSSQL] [processing] [MSSQL] An error occurred creating an ODBC connection.#011 The DSN for this connection is: MSSQL  The trapped error is: Unable to create an ODBC connection. DSN: MSSQL; username: audit_reader; reason: state: IM003; error-code: 2842

Feb  4 17:53:42 NWAPPLIANCE10318 nw[1526]: [OdbcCollection] [failure] [mssql.MSSQL] [processing] [MSSQL]  odbc:WrkUnit[2] Processing failed.

 

DSN:-

[MSSQL]

Driver=/opt/netwitness/odbc/lib/R3sqls.26.so

Port=1433

hostname=192.168.1.94

database=MSSQL

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
6 REPLIES 6

Go to solution
AdamRasnick
Beginner
Beginner

‎2014-03-13 10:37 AM

Make sure you have pointed at the right driver, I have made that mistake before since you have a whole list to choose from.

Go to solution
huanzhou1
Beginner
Beginner
In response to AdamRasnick

‎2014-03-13 10:44 AM

database=MSSQL  = need to be master db


did you run the script to enable the trace? please follow the envision mssql event source guide.

Go to solution
Anonymous
Not applicable
In response to AdamRasnick

‎2014-03-13 01:04 PM

hi Adam,

which driver we have to use, there is lots of driver. i just select as per sadocs.emc.com device configuration for mssql(attaching screen shot). can you please guide?

Preview file
175 KB
0 Likes

Go to solution
Anonymous
Not applicable
In response to huanzhou1

‎2014-03-13 01:08 PM

Hi patriot,

 

i tried to run that script on sql server but didn't find any utility program or tab to run that script from sql managment studio. i also created a UPC but then too couldn't find a option to run that scrip, can you please help me on this?

0 Likes

Go to solution
Anonymous
Not applicable
In response to Anonymous

‎2014-03-13 05:40 PM

I noticed that sometimes its picky on the capitalization on the ODBC connection. We also had a case where MSSQL doesnt like the query, so you have to edit the event source XML parser and remove the DIRECT database name calls. Which may be why you connect directly to the master DB instead of the DB itself.

 

hostName

database

port

Driver = /opt/netwitness/odbc/lib/R3sqls26.so

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.