Phone Lines icon GFI Support

Articles in this section

Configuring Database Activity Auditing

Author: Timothy Parker Updated

Overview

GFI Archiver database activity auditing records all actions affecting the archive databases and stores the data in a SQL Server. This article covers the steps to configure activity auditing.

 

Diagnosis

Administrators who require monitoring of the database activity can enable this feature to utilize the SQL Trace file to track any edits to the databases and interactions with the console, allowing administrators to see exactly who and how users are interacting with the mail. 

 

Solution

  1. From the Configuration tab, click Auditing.
  2. Click Configure.
  3. Enter the Server name in the text box and choose the Authentication method to use to connect to the SQL Server®.

    s24.png

    Option Description
    Integrated Windows Authentication

    Uses the currently logged on user to connect to SQL Server.
    Microsoft SQL Server Authentication

    Uses the credentials you enter the Login Name and Password: fields to connect to SQL Server. These will be used by GFI Archiver to read/write from the auditing database.
  4. Click Next to continue.

    Note:     The account specified must have sysadmin or database owner privileges.

  5. To create a new database within the previously selected SQL Server, choose New Auditing Database and provide a name in the text box. To use an existing database, choose the option Select an Existing: auditing database from the displayed list of databases. Click Next to continue.
  6. Specify whether to enable tracing on GFI Archiver archive stores. Choose Enable trace on Archive Stores to log database activity data and specify the path on the SQL Server machine where the trace files will be stored. Click Next to continue.

    Note: Ensure that the location specified is accessible using the user account under which the SQL Server service is running. Lock down the location where you store the SQL Server trace files through NTFS permissions so that only the SQL Server Service can access the location. This, together with the exclusive lock held by the SQL Server service, ensures that the data in the trace files cannot be tampered with.

  7. Specify whether to enable user interaction auditing. This will record all the activity of the GFI Archiver user interface by users. To enable, choose Enable user interaction auditing. Click Next to continue.
  8. Review the Auditing Database setup summary and click Finish to finalize setup.

 

Testing 

Allow the system to continue Archiving mail as normal, with users accessing mail for a short period after enabling this feature. After giving time for the trace data to be populated, proceed to run an Audit Report as shown in the Related Articles below. 

 

Related articles