Is this possible, to connect DB Connect to a MS SQL database using Windows Authentication when the DB Connect tailing server is running Linux? The article "DB Connect to MSSQL DB as Windows Authentication" states how to do this but is not clear if this is all on a Windows centric environment. I suspect that is assumed. Can Windows Authentication be used between a Linux DB Connect client to a MS SQL database or do we need to use a SQL Server account for this?
Thank you for your time on this inquiry.
In this case you need the bridging authentication solution. .
A python script can do the job. what kind of password vault is it.
Work around for this, where everyone in risk,db and access management team is happy is to use one time password, connect the database and let "dbmon-tai"l monitor the database.Once connection is established it does not need authentication again for long time. "dbmon-tail" normally queries database every 100 miliseconds.
Furthermore $SPLUNK_HOME/etc/apps/dbx/bin/status.py can provide the information on schedules query and help troubleshoot.
Additionally you need to setup an alert for internal database connectivity error, incase of reconnect and authentication failure.
windows authentication is not required.
You need sql account with appropriate right on database.
some time user is locked out due repeated password failures.
Normally it is problem with firewall, user password and privilege etc
First test the database connectivity with a free tool from squirrelsql.org
one connectiviy is established, splunk configuration is straight forward.
When index the database for first time, watch out for traffic bottleneck and maxing out disk I/O on DB servers.
Please post error messages from db
Thank you for this.
I've been asked to use Windows Authentication if at all possible. Security around and access to this database is strongly controlled. There is resistence to using a SQL User Account for this. But, if that is all that will work in this environment, then we need to see if how that is supported and if it will work with DB Connect. I do not have the details on this side of the options but it appears that using a SQL User Account requires getting a dynamic password from a password vault with each access. That won't be easy to use with DB Connect, at least I see it that way.
inputs.conf is the the same as dbmon would be added by going through ui.
arguments = useCursors=true
database = master
host = ***
port = ***
readonly = 0
type = mssql
username = HOSTNAME\username
validate = 1