Configuring a database view for Symantec System Center
A database view is required by the JDBC protocol to poll for SSC events.
Procedure
-
CREATE VIEW dbo.vw_qradar AS SELECT
-
dbo.alerts.Idx AS idx,
-
dbo.inventory.IP_Address AS ip,
-
dbo.inventory.Computer AS computer_name,
-
dbo.virus.Virusname AS virus_name,
-
dbo.alerts.Filepath AS filepath,
-
dbo.alerts.NoOfViruses AS no_of_virus,
-
dbo.actualaction.Actualaction AS [action],
-
dbo.alerts.Alertdatetime AS [date],
-
dbo.clientuser.Clientuser AS user_name FROM
-
dbo.alerts INNER JOIN
-
dbo.virus ON dbo.alerts.Virusname_Idx = dbo.virus.Virusname_Idx INNER JOIN
-
dbo.inventory ON dbo.alerts.Computer_Idx = dbo.inventory.Computer_Idx INNER JOIN
-
dbo.actualaction ON dbo.alerts.Actualaction_Idx =
-
dbo.actualaction.Actualaction_Idx INNER JOIN
-
dbo.clientuser ON dbo.alerts.Clientuser_Idx = dbo.clientuser.Clientuser_Idx