SQL Server
This document provides the steps required to configure the SQL Inspector.
Quick Details
Recommended Agent: Self-Managed
Supported Agents: Self-Managed
Is Auto-Discovered By: Windows Inspector
Can Auto-Discover: N/A
Parent/Child Type Inspector: No
Inspection via: CLI
Data Summary: Here
Overview
See it in Action
Operating Requirements
PowerShell 5.1 or greater is required at this time.
SQL Server Inspector Requires a Windows Agent
First, make sure that a Windows Agent has been installed on the Windows Server that is hosting the instance of SQL.
If your SQL Server is configured to allow remote connections, the Agent can be on a different server on the same network.
Inspector Setup Preparation
SQL Server PowerShell Scripts
Upon activation, the SQL Server Inspector will run a series of PowerShell scripts to return data to Liongard.
Ensure your system accounts for these actions to take place by allowlisting the Agent within the applicable software, such as ThreatLocker.
Step 1: Set up SQL User Account
Create a Liongard-Service account within SQL to be used for SQL Authentication via SQL Server Management Studio.
Video isn't playing? Click here.
Step 2: Set up a SQL Login User
Naming Convention
Please refer to your organization's naming convention policies when creating usernames. Usernames we state in the documentation are suggestions only.
- Open the Security folder and right-click on Logins. Select new login.
- While in the Login folder, select the newly created user account.
Right-click on the user account and select properties. Set Server Roles to include Public and Sysadmin
- Set User Mapping for Access to the respective SQL Databases. Make sure db_owner and public are selected.
- Use default for Securables and leave default Status settings.
- Ensure that SQL Server and Windows Authentication mode is enabled (under properties of the database) > Security
- Verify newly created credentials by connecting to the SQL Server via SQL Management tools or a PowerShell command shell.
- If you are running a "remote inspection" where the Liongard Agent is installed on a different server, verify connectivity from that Agent server.
Liongard Inspector Setup
Activating Auto-Discovered Inspectors
If you have activated your Windows Server Inspector(s), it will auto-discover your SQL Server Inspectors. If you have not activated a Windows Server Inspector, you can follow the instructions for Single Inspector Setup. After completing the Inspector Setup Preparation, follow the steps below:
Navigate to Admin > Inspectors > Inspector Types > Select SQL Server > Select the Discovered Systems tab
Here you can Activate your Discovered SQL Server Inspector(s):
- Individually select the three dots Action menu to the left of each the Discovered SQL Server Inspector(s)
- Edit the SQL Server Inspector(s) to include the following credentials gathered in the Inspector Setup Preparation
- Authentication Type: You can use either SQL or Windows for authentication. Pick SQL if using a username created in SQL Server itself. Pick Windows if using Windows/Active Directory-integrated authentication.
- Username (SQL Authentication): Enter a username only if you are using the SQL Authentication type
- Password (SQL Authentication): Enter a password only if you are using the SQL Authentication type
- Save the Inspector(s)
- Select the checkbox to the left of the Inspector(s) that you would like to Activate
- Select the Actions drop-down menu above the Discovered Systems table
- Select Activate Launchpoints
Single Inspector Setup
In Liongard, navigate to Admin > Inspectors > Navigate to the SQL Inspector > Select Add System.
Fill in the following information:
- Environment: Select the Environment this System Inspector should be associated to
- Friendly Name: Suggested "SQL [Environment Name]"
- Agent: Select the On-premises Agent installed for this Environment
- Inspector Version: Latest
- Hostname: Enter the Hostname of the SQL Server and verify that it is reachable from the Agent server
- Instance: Leave this blank for no instance name or a default "MSSQLSERVER" instance name. If your server has a custom instance name, enter it here
- Authentication Type: You can use either SQL or Windows for authentication. Pick SQL if using a username created in SQL Server itself. Pick Windows if using Windows/Active Directory-integrated authentication
- Username (SQL Authentication): Enter only if you are using the SQL Authentication type
- Password (SQL Authentication): Enter only if you are using the SQL Authentication type
- Scheduling: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule
Select Save. The Inspector will now be triggered to run within the minute.
Optional: Turn on Flexible Asset/Configuration Auto-Updating
If you would like this Inspector's data to be sent to ConnectWise and/or IT Glue, turn on Flexible Assets/Configurations for this Inspector:
- ConnectWise: Admin > Integrations > ConnectWise > Configuration Types > Confirm the "Configuration Auto-Updating" toggle is enabled
- IT Glue: Admin > Integrations > IT Glue > Flexible Assets > Confirm the "Flexible Asset Auto-Updating" toggle is enabled
SQL Server Quick Tips/FAQs
Updated about 1 month ago