Introduction
In a nutshell, Entegra is a SQL Server auditing tool without triggers. If you have sensitive data, such as personnel information, salary data, etc, and you want to keep an audit trail of changes to those data (DML statements, such as INSERT, UPDATE, and DELETE), in many cases, you will have to write triggers and audit tables to accomplish that. Enter Entegra. With this tool, you don't need to write those triggers. It can provide you with a detailed report of changes made to the data. On top of that, it can also audit DDL events (create and drop tables, etc) and login and logout events, among others. I got a chance to test it over the weekend and it is pretty impressive.
Environment
Entegra has the following major components:
- Entegra Management Console (EMC) – A GUI that provides a central point
of management for the entire Entegra system
Collection
Agent – An agent binary that is deployed by the EMC to manage the collection
of audit data from one or more audited servers. More than one of these can
be deployed (Binaries installed with EMC. EMC deploys as needed).
Repository Agent – An agent binary that is deployed by the EMC to manage
repository servers as well as to receive and import audited data (Binaries
installed with EMC. EMC deploys as needed).
- Entegra Web Report Server – A web application that provides powerful
viewing, filtering and reporting capabilities on data stored in Entegra
repositories.
"Repositories" and "Audited Objects" are components of the run-time system,
but are created/added to the system using the EMC after the product has been
installed.
It is recommended that you use separate servers to install the components for performance. For my evaluation, I used a machine with a Pentium III with a clock speed of 1000 and 512 MB of memory. I loaded everything on the same machine machine, including SQL Server. Because I put all the components on a single machine, I know my machine is below
the Lumigent recommended specifications.
Installation
Installation was pretty easy and straightforward. There are 3 separate setups you need to run. Finishing all 3 setups took me less than 10 minutes. Please see the screen shot below.
The first setup, Install Entegra Management Console, installs the core components of this application. From what I can tell, this installs a MMC snapin and a few NT services
(used by the Entegra Web Server, others are will be created when it deploys the
collection and repository agents). The user can configure one or more
repositories once the product is installed.
The audit results are presented as web pages. To make that happen, Entegra also installs the Tomcat web server. Because Tomcat is a JAVA application and the audit data is stored in MSSQL, you will also need to install Microsoft JDBC driver, if you don't have it already. I personally think that the reports should be generated using IIS, since we are talking about Windows applications here. I guess the reason Lumigent uses Tomcat is for cross-platform portability.
Note that all installation files were packed into one zip file. You probably can run the setup by opening the zip file and double-clicking setup, but it is much faster if you extract all the files out and put them into a separate folder.
Configure Entegra
Entegra Management Console is the tool to configure and manage the Entegra application. It is a MMC, very similar to Microsoft Enterprise Manager or Computer Management. There are a few steps, listed below, that you need to go through, before you can start auditing databases. Most of the configuration steps are just point-and-click, very straightforward and easy to follow. I configured Entegra to audit the Northwind on my machine. Please note that Entegra requires the audited database be in Full recovery mode.
Once configured, it collects data without user intervention based on
configured schedules.
- Add a license key. I got a temporary license key to try things out. The license key arrived via email after you've registered with Lumigent and downloaded the setup file;
- Set up an Entegra Audit Repository. This is where the captured auditing data will be stored;
- Select an instance of SQL Server to audit.
- Choose a database to audit. Here you can pick which objects/events you want to audit;
- Collect the data. This is where you instruct Entegra to start collecting audit data on the database you specified earlier.
Below is the screen shot of Entegra Management Console
Using Entegra
Double clicking Entegra Browser on your desktop will launch the browser. As mentioned earlier, this browser runs on top of Tomcat and query the repository database to present you with a web report. It will ask you to log in and pick which repository you want to go to. Afterwards, it will present you with a nice web report. In my testing, I used Northwind as the database to be audited. I then created a brand new table called Jobs, inserted and updated a few records, and then dropped the tables. When I configured Entegra, I asked it to audit all the above events. Entegra performed those tasks very nicely.
All audited events are presented in tabular format in the web page. Double clicking a row will present details of that event. Please see the following screen shots
(some areas blacked out intentionally).
The following screen shot shows an DML event (insert) without the details:
The following screen shot shows the DML event (insert) with details:
The following screen shot shows the DDL event (create table):
One real nice thing I like is various filters provided. By clicking the column header, you are presented with the column filter. Clicking on any of them will give you an easy window to put in your criterion. Using the filter, you can customize the report and really focus on the event you are interested in. Please see the follow screen shot for an example:
Technical Support
During the install and initial configuration, I followed the documentation. I did all my tests with minimal reference to documentation, because most procedures are pretty obvious and intuitive. In a few occasions where I
had to look through the manual, it's mostly clear and straightforward.
I did encounter a couple of minor errors during my testing. None of them had any impact on the functionality of the application. The errors were mostly 'cosmetic', and most are documented in the "Known Issues" in the documentation.
Because I didn't use the technical support so I can't say much about it. But it seems to be very good. For example, I got the evaluation key for the product pretty quickly.
Conclusions
Overall, I liked using Entegra. It is one of the best out-of-the-box audit tools out there. I can see it can be used in a lot of data sensitive places, like personnel and salary data. It is real easy to use and the learning curve is minimal.
Ratings
Ease of Use | 4.5 | Good interface and intuitive to learn |
Feature Set | 4.5 | It can audit many events and allow you to customize the events you want to audit. The web report filter feature is really handy |
Lack of Bugs | 4 | There are some bugs, nothing major though. And most bugs are documented |
Technical Support | N/A | Not tested |
Documentation | 4.5 | PDF documentation format and easy to follow |
Performance | N/A | I really cannot say much on this, given that I only did the testing on a single machine. And it worked OK for me. But again, I didn't simulate tons of activities against Northwind |
Installation | 5 | Absolutely no problems at all. |
Learning Curve | 4 | Very low learning curve. One can start to work with the application directly without much reading of documentation. |
Overall | 4 | Overall a good product that solves the problems it sets out to do, at a reasonable price. There are some minor issues but most of these will probably be solved in future version |