SQL Server channel configuration

The SQL Server channel stores information that the system needs to write events to an SQL Server database. During installation, Trust Protection Platform uses the database connection information to create the Default SQL Channel. This is the datastore where the Venafi log server logs all events.

For details on the SQL Server channel configuration, see Updating the SQL Server channel object.

Default channel object configuration settings

Field

DSN Type

Description

Table

System, Custom

Specify which existing table in the connected database to use for the logs sent through this connector. This table must already exist.

Automatically delete...

System, Custom

Continually prunes log entries older than the specified interval from the target database. We recommend that you leave this setting enabled unless operational requirements (such as legal data retention requirements) dictate otherwise.

IMPORTANT  It is very important that you properly manage log file size. If the server runs out of disk space, the log server cannot operate. If the database is on the same server as Venafi Platform and the server runs out of disk space, you will likely have a service outage.

The size of your log store depends on a number of factors that include the number of generated events per second and the retention period for data. Trust Protection Platform generates about 10 events per certificate renewal. Daily events include validation checks and certificate monitoring.

DSN

System, Custom

You can choose one of two database options:

  • Use system DSN. Use the same database that Venafi Platform is using.

  • Custom Connection Data. Use a different database to store logs sent through this channel.

    NOTE  The rest of the fields below are only displayed if you choose the Custom Connection Data option.

Username

Custom

The account name that the Log server uses to authenticate with the custom database. This account must have the db_datawriter and db_datareader roles in the log store database, and it also requires additional grants. For more information, see Creating a SQL Server log channel.

Password

Custom

The password that the Log server uses to authenticate with the custom database.

Host

Custom

The IP address or hostname of the custom Microsoft SQL database server.

Trust Protection Platform supports both IPv4 and IPv6 connections to MS SQL database servers.

If a hostname is specified, only the first resolved address associated with that name is used.

Port

Custom

The port where the Log server connects to the custom database. For example, 1433.

Database

Custom

The name of the custom database where the Log server writes events. This database must already exist. The SQL Server channel driver does not create the database.

Encrypt all database communications

Custom

Enabling this option encrypts all communications between the Trust Protection Platform server and the custom back-end database. If this option is not selected, the credentials are still protected but all other communications between the server and the database might not be protected.

Recommendation: Enable

Learn how to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console.

Windows Authentication

Custom

Windows Authentication will be used for the database connection.

If you select this option, the Log server authenticates to the database using a Windows user account and password instead of database credentials. Be sure to verify the following configurations:

  • All Log servers must use Windows Authentication credentials.
  • All Trust Protection Platform servers provide Windows Authentication for Policy Tree.
  • The Windows Authentication credentials have access to the database.

When you select this option, the Username and Password fields, above, are disabled.

Enable "AlwaysOn Availability Groups" support

Custom

The Always On Availability Groups feature is a high-availability and disaster-recovery solution that provides an enterprise-level alternative to database mirroring.

For more information, see Always On Availability Groups (SQL Server).
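
A way to verify the Username, Encrypt all database communications, and Windows Authentication settings from the database side, run on the custom SQL Server instance. This is an added example, not part of the product documentation; the database name VenafiLogs and the account name venafi_logwriter are placeholders, and it assumes the database user has the same name as its login.

```sql
-- Placeholders (assumptions, not values from the product documentation):
--   VenafiLogs        the custom log store database
--   venafi_logwriter  the account entered in the Username field
--                     (use DOMAIN\account when Windows Authentication is selected)
USE [VenafiLogs];

DECLARE @account sysname = N'venafi_logwriter';

-- 1. Confirm the two fixed database roles the Username field requires.
--    Only direct membership is checked; membership inherited through a
--    Windows group or a nested role is not resolved here.
SELECT r.name AS required_role,
       CASE WHEN EXISTS (
                SELECT 1
                FROM sys.database_role_members AS rm
                JOIN sys.database_principals AS m
                  ON m.principal_id = rm.member_principal_id
                WHERE rm.role_principal_id = r.principal_id
                  AND m.name = @account)
            THEN 'granted'
            ELSE 'MISSING'
       END AS status
FROM sys.database_principals AS r
WHERE r.type = 'R'
  AND r.name IN (N'db_datareader', N'db_datawriter');

-- 2. Inspect the live connections opened by that account.
--    encrypt_option = 'FALSE' means the session is not encrypted, so
--    "Encrypt all database communications" is not in effect for it.
--    auth_scheme shows SQL for database credentials and NTLM or KERBEROS
--    for Windows Authentication.
SELECT s.login_name,
       s.host_name,
       s.program_name,
       c.client_net_address,
       c.net_transport,
       c.auth_scheme,
       c.encrypt_option
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions AS s
  ON s.session_id = c.session_id
WHERE s.login_name = @account
ORDER BY c.encrypt_option, c.client_net_address;
```

The second query reads dynamic management views, so the login that runs it needs the VIEW SERVER STATE permission. Run it while the Log server is connected; an empty result means the account has no open sessions.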