Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
2-2
FireSIGHT System Database Access Guide
Chapter 2 Setting Up Database Access
Creating a Database User Account
•
The appliance does not have the appropriate license. For example, network discovery and user
identity-related events are not logged to the database unless you have installed the appropriate
feature licenses.
identity-related events are not logged to the database unless you have installed the appropriate
feature licenses.
•
You have not configured the FireSIGHT System to log the event type you are querying. For example:
•
Logging intrusion events, discovery-related events, and health events requires that you apply the
appropriate policy.
appropriate policy.
•
Logging network discovery events and host input events is configurable in the system policy. Note
that logging is enabled by default.
that logging is enabled by default.
•
Logging user identity data requires that you configure network discovery.
•
Transmitting packet data for intrusion events requires you to enable that option when adding a
managed device to the Defense Center.
managed device to the Defense Center.
•
Generating and logging correlation events, compliance white list events, and remediation status
events requires that you add rules or responses to an active correlation policy.
events requires that you add rules or responses to an active correlation policy.
•
To log connection events, you must enable logging of connections in your access control rules and
for the default action in your access control policy. Your managed devices are not receiving network
traffic that causes events to be generated.
for the default action in your access control policy. Your managed devices are not receiving network
traffic that causes events to be generated.
•
Database limits are set to zero in the system policy on the appliance you are querying.
•
Your managed devices are not receiving network traffic that causes events to be generated.
For more information on how events are generated and logged, see the FireSIGHT System User Guide.
Creating a Database User Account
License:
Any
To configure access to the FireSIGHT System database, you must first create a user account and assign
it the External Database User permission. You can grant this permission by assigning the account either
a Cisco-predefined user role that includes the External Database User permission or a custom user role
created by your organization that includes the External Database User permission. See the FireSIGHT
System User Guide for information on creating the user account and viewing the permissions in a given
user role.
it the External Database User permission. You can grant this permission by assigning the account either
a Cisco-predefined user role that includes the External Database User permission or a custom user role
created by your organization that includes the External Database User permission. See the FireSIGHT
System User Guide for information on creating the user account and viewing the permissions in a given
user role.
Tip
Users assigned the predefined Administrator role have the External Database User permission by default.
External Database users who are locally created and authenticated can change their passwords in the
Defense Center web interface. See the FireSIGHT System User Guide for information on changing
passwords. The following table describes some of the options for locally created users to regulate
passwords and account access.
Defense Center web interface. See the FireSIGHT System User Guide for information on changing
passwords. The following table describes some of the options for locally created users to regulate
passwords and account access.