Default SQL channel configuration

The Default SQL Channel stores the connection information that the Microsoft SQL Server channel driver needs to write events to a Microsoft SQL Server database. During installation, Trust Protection Platform uses the database connection information you provide to create the Default SQL Channel. This channel is the datastore to which the Venafi Log server writes all events. By default, the Log server records every event in a log table in the Trust Protection Platform database, the same database that the platform itself uses.

For details on the default SQL Channel object configuration, see Updating the default SQL channel object.

Default channel object configuration settings

Settings tab

Each field on the tab is listed below, followed by its description.

Database connection

Use Custom Connection: The default log channel writes to a separate database that you set up yourself. This requires additional installation steps. For more information, see Creating a custom SQL log channel.

Use System Connection: The default log channel writes to the Trust Protection Platform database.

Username

(Available only when Use Custom Connection and Windows Authentication are selected) The account name that the Log server uses to authenticate to the custom database. This account must be a member of the db_datawriter and db_datareader roles in the log store database and requires additional grants. For more information, see Creating a custom SQL log channel.
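As an added example that is not part of the Venafi documentation, the following T-SQL provisions a Windows account for a custom log store with exactly the two role memberships the Username field requires, and then verifies the memberships and the existence of the target table (the Database and Table Prefix fields below note that the channel driver creates neither). The database name VenafiLog, the account CORP\svc-tpp-log and the schema dbo are assumed placeholders; the "additional grants" referenced above are documented in Creating a custom SQL log channel and are deliberately not guessed at here.

```sql
-- Added example: provision the Log server account in a custom log store.
-- Assumed names: database VenafiLog, Windows account CORP\svc-tpp-log, table dbo.log.
USE [master];
GO
-- Server-level login for the Windows account (Windows Authentication, no SQL password).
IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = N'CORP\svc-tpp-log')
    CREATE LOGIN [CORP\svc-tpp-log] FROM WINDOWS;
GO

USE [VenafiLog];
GO
-- Database user mapped to the login, scoped to the log store database only.
IF NOT EXISTS (SELECT 1 FROM sys.database_principals WHERE name = N'CORP\svc-tpp-log')
    CREATE USER [CORP\svc-tpp-log] FOR LOGIN [CORP\svc-tpp-log];
GO
-- The two fixed database roles the field description calls for.
ALTER ROLE db_datareader ADD MEMBER [CORP\svc-tpp-log];
ALTER ROLE db_datawriter ADD MEMBER [CORP\svc-tpp-log];
GO

-- Verify: the account should appear in db_datareader and db_datawriter and nothing
-- broader (db_owner here would be a least-privilege violation).
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = rm.member_principal_id
WHERE m.name = N'CORP\svc-tpp-log'
ORDER BY r.name;
GO

-- Verify the target table exists: the channel driver does not create it.
-- NULL means the table is missing and the channel will fail on first write.
SELECT OBJECT_ID(N'dbo.log') AS log_table_object_id;
GO
```

Run the script as a sysadmin on the log store instance before pointing the channel at it; the two SELECT statements at the end are the checks to repeat after any change to the account.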

Password

(Available only when Use Custom Connection and Windows Authentication are selected) The password that the Log server uses to authenticate to the custom database.

Host

(Available only when Use Custom Connection is selected) The IP address or hostname of the custom Microsoft SQL database server.

Trust Protection Platform supports both IPv4 and IPv6 connections to MS SQL database servers.

If a hostname is specified, only the first resolved address associated with that name is used.

Port

(Available only when Use Custom Connection is selected) The TCP port on which the Log server connects to the custom database, for example 1433 (the SQL Server default).

Database

(Available only when Use Custom Connection is selected) The name of the custom database where the Log server writes events. This database must already exist. The MS SQL channel driver does not create the database.

Table Prefix

(Available only when Use Custom Connection is selected) The name of the existing table in the custom database where the Log server writes events. This table must already exist; the MS SQL channel driver does not create it. The default table name is log.

Windows Authentication

(Available only when Use Custom Connection is selected) Windows Authentication is enabled during the installation process.

If you select this option, the Log server authenticates to the database with a Windows user account and password instead of SQL Server credentials. Before enabling it, verify the following:

  • All Log servers use Windows Authentication credentials.
  • All Trust Protection Platform servers provide Windows Authentication for the Policy Tree.
  • The Windows Authentication account has access to the database.

Encrypt all database communications

(Available only when Use Custom Connection is selected) Enabling this option encrypts all communications between the Trust Protection Platform server and the custom back-end database. If this option is not selected, the credentials are still protected during authentication, but the rest of the traffic between the server and the database, including the logged events themselves, might travel in clear text.

Recommendation: Enable

The SQL Server instance must have a server certificate configured for encryption. Learn how to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console.
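Enabling the option on the channel is only half of the check; a practitioner also wants to confirm on the database side that the Log server's sessions really are encrypted. The following T-SQL is an added example, not part of the Venafi documentation, and uses the SQL Server dynamic management views that expose per-connection encryption state. The login name CORP\svc-tpp-log and the host name TPP-SERVER-01 are assumed placeholders; the final statement uses xp_instance_regread, an undocumented but long-standing extended procedure, to read the instance's ForceEncryption setting.

```sql
-- Added example: confirm that the Log server's sessions to the log store are encrypted.
-- Run on the custom log store instance; requires VIEW SERVER STATE.
-- Assumed placeholders: login CORP\svc-tpp-log, Trust Protection Platform host TPP-SERVER-01.
SELECT
    s.session_id,
    s.login_name,
    s.host_name,
    s.program_name,
    c.client_net_address,
    c.auth_scheme,        -- KERBEROS or NTLM for Windows Authentication, SQL for SQL logins
    c.encrypt_option      -- TRUE when the connection is TLS-encrypted
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions AS s
    ON s.session_id = c.session_id
WHERE s.login_name = N'CORP\svc-tpp-log'
   OR s.host_name  = N'TPP-SERVER-01'
ORDER BY s.session_id;

-- Any Log server session with encrypt_option = 'FALSE' is sending event traffic
-- in clear text; the expected result here is 0.
SELECT COUNT(*) AS unencrypted_log_sessions
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions AS s
    ON s.session_id = c.session_id
WHERE (s.login_name = N'CORP\svc-tpp-log' OR s.host_name = N'TPP-SERVER-01')
  AND c.encrypt_option = 'FALSE';

-- Server-side check: does the instance force encryption for every client?
-- xp_instance_regread maps the path to the current instance's registry hive.
-- A value of 1 means Force Encryption is on; 0 means clients may connect unencrypted.
EXEC master.dbo.xp_instance_regread
    N'HKEY_LOCAL_MACHINE',
    N'Software\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib',
    N'ForceEncryption';
```

The first two queries verify the client-side option described above from the server's point of view; the third tells you whether the instance would reject an unencrypted Log server connection outright, which is the stronger guarantee because it does not depend on every channel being configured correctly.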

Enable "AlwaysOn Availability Groups" support

(Available only when Use Custom Connection is selected) The Always On Availability Groups feature is a high-availability and disaster-recovery solution that provides an enterprise-level alternative to database mirroring.

For more information, see Always On Availability Groups (SQL Server).

Delete Log Events after

The number of days to retain log events.

IMPORTANT  It is recommended that you manage the size of the log store. If the Default SQL Channel runs out of disk space, the Trust Protection Platform Log server cannot operate. The size of your log store depends on several factors, including the number of events generated per second and the retention period. Trust Protection Platform generates about 10 events per certificate renewal; daily events include validation checks and certificate monitoring.

General tab

Permissions tab

On the Permissions tab, you select the users or groups to whom you want to grant permissions on the current object, and then select which permissions they have. You can also manage object permissions through parent objects, including the root Platform object or the Trust Protection Platform server object (found in the Platforms tree).

Permissions configured on a parent object are inherited by all subordinate objects.