DB2 target database pre-configuration
Users and privileges required by the DB2 agent
The FortiDB DB2 agent periodically sends a request to the DB2 database to transmit its audit data to a file system location that belongs to the agent’s temporary directory. The agent then transmits the audit files to the FortiDB repository. You can also configure the agent to remove the audit data from the DB2 database.
To perform these tasks, the FortiDB DB2 agent requires read and write access to the audit data files. To give the agent this access, you configure it to run using the login credentials of the database instance owner.
In addition, to install the agent on Windows, the database user that runs the DB2 agent is required to be a member of the DB2ADMINS user group. You can remove the user from this group after installation is complete.
Required DB2 users | Purpose | Required privileges |
DB2 instance owner | DB2 instance owner | Default DB2 instance owner privileges |
FortiDB DB2 database user | Connects FortiDB to the DB2 target database |
Security administration authority (SECADM), which is required to configure and manage database auditing For databases installed on Windows:
|
DB2 user for installing and running the agent |
Runs the DB2 agent |
DB2 instance owner For installing on Windows, be a member of the DB2ADMNS user group |
See also
- Configuring the DB2 database and installing the agent
- Adding (or modifying) a target connection
- Configuring DB2 monitoring