Table of Contents
- Introduction
- System Requirements
- Assign Service Logon As Credentials
- Server Configuration
- Agent-Based Monitoring
- Data Providers
- Directory Services
- Audit Work Items
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Log Management Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Account Lockout Monitor Template
- Logon Monitor Template
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- SMART Monitor Template
- Process Monitor Template
- Service Monitor Template
- Performance Counter Monitor Template
- PowerShell Script Template
- Registry Value Monitor Template
- Active Directory User Monitor Template
- Active Directory User Integrity Monitor Template
- Task Scheduler Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Network and Application Monitor Templates
- Database Monitor Template
- Directory Service Monitor Template
- DNS Blacklist Monitor Template
- DNS Monitor Template
- Domain Expiration Monitor Template
- Network Speed Monitor Template
- Ping Monitor Template
- SQL Server Shrink and Backup Template
- SSH Shell
- TCP Port Scan Monitor Template
- Website Monitor Template
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Monitors
- Reports
- Auto-Configurators
- Filters
- Actions
- Schedules
- Environment Variables
- Options
- Account Lockout Monitoring and Reporting
- SNMP
- SSH Shell
- Exporting and Importing Configuration Objects
- Shared Views
- Auto-Config Host Assignment Properties
- General Executable Properties
- Assign Actions
- Assign Directories
- Assign Disks
- Assign Shares
- Assign Files
- Assign Consolidated Logs
- Assign Event Logs
- Assign Active Directory Audit Logs
- Target Files and Sub-Directories
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Define CSV and W3C Log Entry Columns
- Active Directory User and Group Filters
- Explicitly Assigned Logs
- File Explorer
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Command Line Interface
- Troubleshooting
- Terminology
Data Providers
Data Providers have two purposes:
- To save log entries, PowerShell Monitor results, SNMP Traps, and execution history for a period of time such as 1 year.
- To configure database connections for use with Database Monitoring Templates.
How it works:
When storing log entries for long periods of time, such as one year, log entry tables will become quite large. Running daily reports, such as Account Management Reports, require table scans to isolate the target log entries. If we were to store each log in a single table for the entire year, daily reports would be unnecessarily table scanning irrelevant data burning CPU, memory, power and time. For this reason, Corner Bowl saves log entries to two tables is separate databases. This design has two advantages. First, daily reports only need to execute table scans against recent data, and second, archive databases can be implemented on alternate hardware, with different specifications, while simultaneously isolating CPU intense archive reporting from production systems. Corner Bowl Server Manager implements these two databases in the Explorer View under Data Providers. By default, the databases are called the Primary Log Database and the Archive Log Database respectively.
By default the Log Database and Archive Log Database are pre-configured to use an embedded database, SQLite, rather than a network database such as SQL Server or MySQL.
 |
SQLite is ideally suited for small implementations and Air-Gapped networks while we suggest large corporate networks use either SQL Server or MySQL. |
To configure the Log Database:
- From the Explorer view, expand Data Providers. By default, The following two nodes are listed, Log Database and Archive Log Database.
- Right click on the database you would like to configure, then select Properties. The Data Providers Properties view displays.
-
From the Data Providers Properties view, use the Name text box to specify a unique name.
Click the Auto Generate 
button to automatically generate a name.
If you click this button after you have set the data provider settings, the generated name reflects the settings you have selected (e.g. Primary Log Database (SQL Server)).
-
Use the Type drop-down to select the database type. The following Types are available:
Type Description SQLite A self-contained open-source SQL database engine. Microsoft SQL Server Microsoft SQL Server v2022-2012. MySQL Oracle MySQL v8.x-5.7 File System A proprietary Corner Bowl Software developed binary flat file system. -
Use the Role drop-down to select how you would like to use the database. The following Roles are available:
Role Description Log Database Contains the latest consolidated log entries. (e.g. log entries less than 15 days old). Archive Log Database Contains archived consolidated log entries previously saved to the Log Database (e.g. log entries 15 days and older). Auxiliary Log Database Contains auxiliary or backup consolidated logs. Typically used to view old database backups for auditing purposes. History Database Only available when using the File System. Contains monitor and report execution history (e.g. execution time, state, and results such as the number of entries downloaded). None This setting has two purposes. First, to be used for Database Monitoring. Second, to be used to maintaining database connection settings for later use. - Use the rest of the controls to set the Type specific settings. For more information see:
-
Click the Save button to save the settings.
When saving a Log Database or Log Archive Database, if the database does not exist, the database and several tables are automatically created.
To configure a database connection to be used by a Database Monitoring Template:
- From the Menu Bar, select File | New. The Create New Object View displays.
- From the Create New Object view, select Data Provider. The New Data Provider view displays.
- From the New Data Provider view, use the Type drop-down to select the database type.
- From the Role drop-down, select None.
- Use the rest of the controls to set the Type specific settings.
- Click Save to save your changes.
To view the Data Provider Index:
- To see what has been saved to the database, from the Explorer View, find the root Data Providers node then expand.
- Next, expand the Primary Log Database.
- Once expanded you will find two nodes, All and Hosts.
- Expanding All reveals each host that contains saved log entries without any grouping.
- Expanding Hosts reveals your root Hosts node structure.
- Expanding any host reveals all saved logs.
-
To view a log, right click then select View.
Data Provider Index
To view Consolidated Log Database Summary:
- To view a summary of the content in your primary log database, from the Explorer View, select the Dashboard node. The Dashboard View displays.
- From the Dashboard View, select the Log Database Summary Tab. The summary is executed and asynchronously return results one by one as they are received.
-
Notice the scroll bar at the bottom. The summary may take several minutes to complete.
Consolidated Log Database Summary - To view more detail about a specific saved log, right click on the row then select Data Properties. The Data Properties View displays.
-
Depending on the log type the Data Properties View will display summary data, for example, the number of Event Log Entries grouped by Level and Event ID.
Consolidated Log Summary