Post-Installation Steps

These post-installation steps are only required if you

• Use SQL Server Express as a storage for your audit data. Go to Configuring Additional Steps for SQL Server Express.
• Selected Windows authentication method to connect to SQL Server. Go to Allowing Access to Service Accounts.

Configuring Additional Steps for SQL Server Express

Cygna Labs recommends SQL Server Standard edition for storing your audit data. You can opt for SQL Server Express during the product evaluation but note that SQL Server Express requires additional configuration before Cygna Auditor can start writing your data in the audit storage.

To update protocol preferences:

1. On the server that hosts your SQL Server Express, start SQL Server Configuration Manager.
2. Go to SQL Server Network Configuration / Protocols for SQLEXPRESS and set TCP/IP to "Enabled".

To update service properties:

1. On the server that hosts your SQL Server Express, start Services.

2. Locate the SQL Server Browser service and set its Startup type to "Automatic", and then start the service.

3. Locate the SQL Server (SQLEXPRESS) service and restart it.

Allowing Access to Service Accounts

If you choose the Windows authentication on your SQL Server, you have to enable Cygna Auditor components and services to connect to and access the audit database.

Create login for	Assign roles	Explanation
SQL Server installed locally
Local IIS users group (computername\IIS_IUSRS	db_owner and public roles for the audit database	Cygna web console uses the account running the Cygna Labs Web Console application pool to access the database (ApplicationPoolIdentity by default, it belongs to computername\IIS_IUSRS group).
NT_AUTHORITY\SYSTEM	db_owner and public roles for the audit database	Other Cygna components and services connect to the SQL Server as NT_AUTHORITY\SYSTEM account.
SQL Server installed remotely
Computer account of Cygna Auditor host (domain\computeraccount$)	db_owner and public roles for the audit database	Cygna Auditor components and services connect to a remote SQL Server as the AD computer account of the Cygna Auditor host.

With Windows authentication, you'll have to allow access to computer accounts of file servers and domain controllers where the Cygna Auditor agents will run once you enable auditing. See Configuring File System Agent Settings to Allow Access to SQL Server with Windows Authentication and Configuring Active Directory Agent Settings to Allow Access to SQL Server with Windows Authentication.