About this guide

This guide introduces you to the functionality of the version 5 Snare Enterprise Microsoft SQL Server Agent within the Windows operating environment. The development of Snare Enterprise Agent for MSSQL will now allow for events generated by Microsoft SQL Server to be forwarded to a remote audit event collection facility.

The Snare for MSSQL agent can track and monitor all database administrative activity from Microsoft SQL Server. This database administrative activity is required for compliance, such as PCI DSS, HIPPA etc so activity can be tracked on what the DBAs are accessing, changing or deleting. For example, if someone accessed the payroll tables in the HR system, cardholder data for customers, or copied the health records for a patient. Most customers will only need to track administrator or DBA activity as the general user access is controlled from the application, but all activity may be tracked if necessary, though there will be more logs generated that will need to be managed. DBAs and administrators can perform unauthorized activity to override technical controls and change settings, the Snare for MSSQL agent helps detect this behavior.

Snare Enterprise Agent for MSSQL will also allow a security administrator to fully remote control the application through a standard web browser.

For the list of supported Microsoft SQL Server versions please refer to:
Snare Agent and SAM software Support Matrix#Microsoft-MS-SQL

Other guides that may be useful to read include:

• Snare Agent Manager User Guide
• Guide to Creating a Custom MSI
• Snare Server User Guide