You need to recycle Indeed.LS application pool after every change to the configuration file. You can do this in IIS Manager snap-in, or with powershell command
|
Indeed Identity Log Server supports:
Event reading is supported from only one storage (<ReadTargetId>). Event writing is supported in several storages (<WriteTargets>) simultaneously. |
Password - service account password
<Settings> <ConnectionString>Data Source=sql.domain.local; Initial Catalog=ILS; Integrated Security=False; User ID=IPAMSQLServiceOps; Password=Password</ConnectionString> </Settings> |
If using a named instance of Microsoft SQL Server, the value of the Data Source parameter must be set in the format <server name>\<instance name>.
|
In the file C:\inetpub\wwwroot\ls\clientApps.config edit the pam section for work with the mssqlDb.config file:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>mssqlDb</ReadTargetId> <WriteTargets> <TargetId>mssqlDb</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application> |
Here, in the Targets section add a new element:
<Targets> ... <Target Id="mssqlDb" Type="mssql"/> </Targets> |
Password - service account password
<Settings> <ConnectionString>Host=sql.domain.local; Database=ILS; Integrated Security=False; Username=IPAMSQL; Password=Password</ConnectionString> </Settings> |
In the C:\inetpub\wwwroot\ls\clientApps.config file edit pam section for work with the postgresDb.config file:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>postgresDb</ReadTargetId> <WriteTargets> <TargetId>postgresDb</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application> |
In the Targets section add a new element:
<Targets> ... <Target Id="postgresDb" Type="pgsql"/> </Targets> |
SyslogVersion - select syslog protocol: RFC3164, RFC5424
<Settings HostName="localhost" Port="5081" Protocol="TCP" Format="CEF" SyslogVersion="RFC3164" /> |
In the C:\inetpub\wwwroot\ls\clientApps.config file edit pam section for work with the Syslog.config file. Add a new TargetId for the WriteTarget:
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>mssqlDB</ReadTargetId> <WriteTargets> <TargetId>mssqlDB</TargetId> <TargetId>Syslog</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application> |
In the Targets section add a new element:
<Targets> ... <Target Id="mssqlDb" Type="mssql"/> <Target Id="Syslog" Type="syslog"/> </Targets> |
In the C:\inetpub\wwwroot\ls\clientApps.config file edit pam section
<Application Id="pam" SchemaId="Pam.Schema"> <ReadTargetId>postgresDb</ReadTargetId> <WriteTargets> <TargetId>postgresDb</TargetId> <TargetId>Syslog</TargetId> </WriteTargets> <AccessControl> <!--<CertificateAccessControl CertificateThumbprint="001122...AA11" Rights="Read" />--> </AccessControl> </Application> |
In the Targets section add new strings for postgresDB and Syslog:
<Targets> ... <Target Id="postgresDb" Type="pgsql"/> <Target Id="Syslog" Type="syslog"/> </Targets> |