Cisco Cisco FirePOWER Appliance 8390
51-7
FireSIGHT System User Guide
Chapter 51 Configuring Appliance Settings
Enabling Access to the Database
Step 6
Verify that you have a valid user certificate generated by the same certificate authority that created the
server certificate.
server certificate.
Caution
When you save a configuration with enabled user certificates, if you do not have a valid user certificate
in your browser certificate store, you disable all web server access to the appliance. Make sure you have
a valid certificate installed before saving settings.
in your browser certificate store, you disable all web server access to the appliance. Make sure you have
a valid certificate installed before saving settings.
Step 7
To apply the user certificate configuration to the web server, click
Save
.
Note that you can disable user certificate enforcement via the command line if you enable certificates
and find that your user certificate does not enable access. For more information, see
and find that your user certificate does not enable access. For more information, see
.
Enabling Access to the Database
License:
Any
You can configure the Defense Center to allow read-only access to its database by a third-party client.
This allows you to query the database using SQL using any of the following:
This allows you to query the database using SQL using any of the following:
•
industry-standard reporting tools such as Actuate BIRT, JasperSoft iReport, or Crystal Reports
•
any other reporting application (including a custom application) that supports JDBC SSL
connections
connections
•
the Cisco-provided command-line Java application called RunQuery, which you can either run
interactively or use to obtain comma-separated results for a single query
interactively or use to obtain comma-separated results for a single query
From the Database Settings local configuration page, you can enable database access and create an
access list that allows selected hosts to query the database. Note that this access list does not also control
appliance access. For more information on appliance access lists, see
access list that allows selected hosts to query the database. Note that this access list does not also control
appliance access. For more information on appliance access lists, see
.
You can also download a package that contains the following:
•
RunQuery, the Cisco-provided database query tool
•
InstallCert, a tool you can use to retrieve and accept the SSL certificate from the Defense Center you
want to access
want to access
•
the JDBC driver you must use to connect to the database
Note that when you connect to the database from an external client you must provide a username and
password that match those for an Administrator or External Database user on the Defense Center. For
more information, see
password that match those for an Administrator or External Database user on the Defense Center. For
more information, see
.
For detailed information on configuring external access to the FireSIGHT System database, including
information on the database schema and supported queries, see the FireSIGHT System Database Access
Guide.
information on the database schema and supported queries, see the FireSIGHT System Database Access
Guide.
To enable database access:
Access:
Admin
Step 1
Select
System > Local > Configuration
.