today I was asked by potential customer about possibility to configure MySQL table as an event data source - is it possible? Customer uses eDirectory (which is at this time not supported by the ESM as data source). At this time events from this eDirectory are forwarded to MySQL database, so - it is possible to connect to that data source by the receiver or the agent (Event Collector) and then - create custom parse rules?
Artur SadownikMessage was edited by: artek on 12/3/12 6:19:51 PM CST
Yes it it possilbe to collect those events using the Windows Event Receiver. You can find more information in the ESM Help under Contents > Appendix F > McAfee SQL Database Event Configuration File Utility. You will also need to create custom parse rules.
The SQL Database Event Configuration File Utility provides you with an easy way to generate the XML used by the McAfee ESMI Windows Event Collector to send events from a Microsoft SQL or Oracle Database. It is installed with the Windows Event Collector.
Select Programs > McAfee > SQL Plugin Configuration Utility to open the utility.
You need to download and install Oracle Data Access Components (ODAC) from the Oracle OTN website in order to connect to an Oracle database.
To generate the configuration XML to be used by the SQL Database Event Plugin, set up a new file by clicking on File > New and entering the required information on the following tabs:
1. Connect to the database
2. Map the database fields
3. Test the generated query.
are you 100% shure, that we can collect data from MySQL (not Microsoft SQL) database? I saw before mentioned Appendix F, but there is no information about MySQL - only MS SQL and Oracle...
It is not currently possible for a receiver to collect events from a MySQL table. Adding that ability to a receiver has been discussed internally and may be added to a future release but I do not have any ETA for that inclusion.
Thanks and sorry for my initial misreading of the question.
Support for that is not part of 9.3.1. Please feel free to submit a PER for that to be added at
Thanks for the information. In the list of supported devices I can see MySQL is supported but that Requires DBM or DAM.
Requires DBM or DAM
Is there no software agent using which we can integrate MYSQL?