Most of our MS SQL Servers require integrated security and the databases are not on the default instance. Our Splunk servers are all on Linux. I know how to use Java to configure JTDS to connect to these SQL instances using Integrated security, e.g.:
java -classpath ./lib/jisql.jar:./lib/jtds-1.2.6.jar com.xigole.util.sql.Jisql -user ...
... -cstring "jdbc:jtds:sqlserver://host_name:port_no/db_name;domain=domain_name;instance=instance_name" ....
Is there a way to do this in Splunk DB Connect (DBX)?
Windows Authentication (NTLMv2) can be enabled by specifying the user in the form of DOMAIN\username
. This will result in a JDBC URL like this:
jdbc:jtds:sqlserver://hostname:port/db;domain=DOMAIN;useNTLMv2=true;otherparams=....
In addition, other parameters for the JDBC URL of an MSSQL database connection can be specified in the database.conf stanza by adding arg.<paramName>=<value>
:
[mysqlserver]
host = ...
database = ...
username = ...
password = ...
arg.useNTLMv2 = false
arg.socketTimeout = 300
Windows Authentication (NTLMv2) can be enabled by specifying the user in the form of DOMAIN\username
. This will result in a JDBC URL like this:
jdbc:jtds:sqlserver://hostname:port/db;domain=DOMAIN;useNTLMv2=true;otherparams=....
In addition, other parameters for the JDBC URL of an MSSQL database connection can be specified in the database.conf stanza by adding arg.<paramName>=<value>
:
[mysqlserver]
host = ...
database = ...
username = ...
password = ...
arg.useNTLMv2 = false
arg.socketTimeout = 300
I found the non-default instance name part: http://splunk-base.splunk.com/answers/66459/connect-to-a-non-default-instance-of-ms-sql-server. The remaining question is whether Integrated security can be used for MS SQL.