SIEM, Log Management, Security, Compliance, Server Monitoring and Uptime Monitoring Software

How to Configure Corner Bowl Software's Centralized Log Consolidation Databases

May 21st, 2022

In this article I am going to show you how to configure Corner Bowl Server Manager 2022 to save Event Log Entries, Syslog Messages and text log entries to a central database for monitoring, reporting, auditing and compliance requirements. I am also going to discuss the advantages and disadvantages of each database type.

Corner Bowl Server Manager can centralize log entries to Microsoft SQL Server, MySQL, SQLite and our own file system format. In an effort to provide faster out-of-the-box implementation, our proprietary file system format has been depreciated and replaced by SQLite, an embedded RDBMS that requires no user setup. If you your organization is using the File System format, we suggest migrating to SQLite. The file system format is scheduled to be end-of-lifed sometime in 2024.

Table of Contents

Background

Server Manager uses 2 databases, a primary and an archive. The primary database contains the most recent entries, for example the last 30 days, while the archive database contains data older than the primary database, for example, the previous 6 months. This format enables daily reports to run against the smaller primary database limiting the size of the table scans while simultaneously allowing auditors to scan historical data on-demand without affecting the performance of log consolidation and monitoring.

How to Configure the Centralized Consolidated Log Databases

How to Configure MySQL

According to Oracle, MySQL is the world's most popular open-source database and includes a free community edition which can be downloaded from:

https://www.mysql.com/downloads/

MySQL does not support insert batching.

  • Use the Server text box to specify the hostname the MySQL database is installed.
  • Use the Database text box to specify the database.
  • Use the Username text box to specify the MySQL user name.
  • Use the Password text box to specify the MySQL user's password.
  • Use the Connection timeout text box to specify the maximum time to wait for an available connection in the connection pool before timing out.
  • Use the Execution timeout text box to specify the maximum time to wait for SQL statements to complete before timing out.
  • Check Hash Mode to add hashing to each saved log entry often used in Italy to fulfill government compliance requirements.
    Centralized MySQL Consolidated Log Database Properties

How to Configure SQL Server

SQL Server is the fastest option available and includes support for insert batching significantly increasing the throughput of Syslog messages.

September 16th, 2022