This is a good idea as well, and thanks again Michael. We do have syslog
server in place and fed by CAM, but obviously some info missed as well
in logging, like OS -- just won't be perfect.
David Wang, Networking Services,CCS
www.uoguelph.ca 519-824-4120 x52046
Michael Grinnell wrote:
> David,
>
> If you log to a syslog server or use RADIUS accounting you can get
> that information without accessing the db directly. I would recommend
> logging to a syslog server in any case. There are free syslog servers
> for Linux, Solaris, Windows, OS X. Heck, there's probably even one
> for DOS somewhere.
>
> Michael Grinnell
> Network Security Administrator
> The American University
> e-mail: [log in to unmask]
> desk: (202) 885-2491
> cell: (202) 215-3352
>
>
> On Jul 26, 2007, at 10:03 AM, David Wang @ UoG CCS wrote:
>
>> Thanks Alex. Well, our admins are asking for the login use info, and
>> the "login time" is missed on "getuserinfo" API.
>>
>> David Wang, Networking Services,CCS
>> www.uoguelph.ca 519-824-4120 x52046
>>
>>
>>
>> Alex Lanstein wrote:
>>> There is no password and as Michael was saying, it's unsupported.
>>> You need to edit the script that creates the pg_hba.conf file (in
>>> /perfigo/scripts) and add in remote hosts to the ACL. Then run the
>>> script and restart the perfigo service. Because there is no
>>> password, a simple ip restriction isn't terribly secure, but that's
>>> what you need to do if you want to make external queries.
>>>
>>> Almost any thing you're trying to pull from the cam can be pulled
>>> using a clever mixture of the API calls... what information were you
>>> looking for specifically?
>>> Regards,
>>>
>>> Alex Lanstein
>>> Network/Systems Architect
>>> FireEye, Inc.
>>> 860-625-4277
>>> [log in to unmask]
>>>
>>>
>>> Michael Grinnell wrote:
>>>> This is unsupported by Cisco. The pg_hba.conf file prevents access
>>>> to the database from other machines.
>>>>
>>>> Michael Grinnell
>>>> Network Security Administrator
>>>> The American University
>>>>
>>>>
>>>> On Jul 25, 2007, at 3:43 PM, David Wang @ UoG CCS wrote:
>>>>
>>>>> I am trying to pull some data from CAM's PostgresSQL database
>>>>> remotely by "psql -h /cam_ip/ controlsmartdb -U postgres" from
>>>>> another machine. Do I need a password for postgres? and if so,
>>>>> what it is? thanks in advance.
>>>>> --David Wang, Networking Services,CCS
>>>>> www.uoguelph.ca 519-824-4120 x52046
>>>>
>>>
>
|