Security and Compliance framework
Job details
| Name: |
Security and Compliance framework |
| Platform: |
Sqlserver |
| Category: |
Security |
| Premium package: |
Security and compliance package |
| Description: |
dbWatch Security framework job. Used for collecting and analysis of statistics from all Security jobs. |
| Long description: |
dbWatch Security framework job. Used for collecting and analysis of statistics from all Security jobs. |
| Version: |
1.33 |
| Default schedule: |
0 2 * * |
| Requires engine install: |
Yes |
| Compatibility tag: |
.[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005′ & hasengine=‘YES’ & engine_edition = ‘Microsoft SQL Server’] |
Parameters
| Name |
Default value |
Description |
| return status |
0 |
Return status value (ALARM – 2, WARNING – 1, or OK – 0) when any issues of security compliance are detected. Regardless of status, the individual jobs are returning. |
| return status when changes occur |
0 |
Return status value (ALARM – 2, WARNING – 1, or OK – 0) when any changes of security compliance issues are detected. Regardless of status, the individual jobs are returning. |
| history threshold |
365 |
The maximum number of days to keep statistics for in the historic tables. |
Job Summary
- Purpose: The dbWatch Security and Compliance framework job is used to collect and analyze statistics from all security-related jobs within the system.
- Why: This job is crucial for maintaining security compliance by regularly evaluating the security status, tracking changes, and managing historical data. If this framework detects any compliance issues or discrepancies, early interventions can be implemented which might prevent potential security breaches.
- Manual checking: You can manually check the collected security job statuses and reports in the database by issuing the following SQL command:
SELECT TASK_ID, NAME, SC_STATUS, STATUS, LAST_RUN FROM dbw_security_framework_info ORDER BY LAST_RUN DESC;
Job Operations
- “dbw_security_framework_proc”: This stored procedure is executed to collect and refresh data, check compliance statuses, and update histories.
- Safety Measures: The job includes error handling to ensure all operations are properly logged and execution details are sent to dbWatch for alert generation if necessary.
Dependencies and System Requirements
The operation of this job relies on specific tables and procedures within the database, such as:
- “dbw_security_framework_info” for currently available security status data.
- “dbw_security_framework_histr” for historical records.
- “dbw_security_framework_last_info” for the most recent security statuses.
- Additional history and statistical tables that support the job’s operations and reporting needs.
Execution Details
- Default Schedule: The job is scheduled to run daily at 2:00 AM server time, which ensures regular compliance checks and updates without frequent disruption to database performance.
- Cleanup Actions: It ensures a cleanup is done in case of failures, removing or reverting any partial or incomplete data entries.
Reporting
| Report Component |
Description |
| Security and Compliance framework presentation |
Displays detailed statistics, compliance issues, and execution details of security jobs. |
| Issues and compliance history |
Show historical data and the number of detected issues over time, providing trends and patterns. |
Customized Elements
- Versions and Upgrades: The job is equipped to handle migrations and updates from previous versions seamlessly, ensuring data integrity and compliance checks are maintained across version upgrades.
- Compatibility: Configured to run in SQL Server instances version 2005 and above that satisfy certain criteria related to engine type and edition.
Error Handling and Remarks
- The job includes comprehensive error handling to log and notify users of failures during its operations.
- Parameters are set to handle return statuses for issues of security compliance, ensuring that even in the cases of job discrepancy, the system continues to perform other scheduled tasks and error assessments.
Through these stringent and detailed monitoring and evaluation processes, dbWatch ensures robust security compliance adherence and provides databases with the necessary tools to manage and mitigate risk efficiently.