- Print
- DarkLight
- PDF
WISdom Prerequisites
The WISdom services require a machine with the following components and port access to support the data collection:
- Windows Management Framework (WMF) 5.1
- This is included in most Windows OS and Server installations
- The OS version must be equivalent or higher the monitored machines
- The OS must have the same or higher patching applied than the monitored machines to successfully collect the WMI metrics
- .NET Desktop Runtime 8
- Access to all the servers managed by WISdom on the following ports:
- SQL Server Port (1433, or other defined SQL Ports)
- SQL Browser if named instances are used – Port 1434
- WMI Ports
- 135
- 49154 - In most cases this RDP port is available and will be used
- Cases where 49154 is not available, a port range may be required
- 49152-65535
- Cases where 49154 is not available, a port range may be required
- Performance counters – Port 445
- Outbound firewall rules must allow access
- AWS S3 over HTTPS
- Azure URL: https://collectorapi.fortifiedwisdom.com
- To ensure optimal performance of the WISdom service, we recommend excluding the following folders from any antivirus scans. Scanning these folders can degrade the performance of the collection service, causing delays in data processing or gaps in collections:
- %Installation Folder%\CollectorResults
- %Installation Folder%\UploadReady
- %Installation Folder%\ESUploadReady (If it exists)
C:\Program Files\Fortified Insight\Wisdom\
Monitoring Service Account
The WISdom Collection service is a Windows service that runs with a Windows domain account. The requirements for the service account are as follows:
- It is a Windows domain account
- Has Log on as Service permissions
- Is a local Administrator on the server hosting the service
Monitoring Virtual/OnPrem Machines and SQL Instances
Windows Monitoring
The Monitoring Service Account may be used, or different Window account may be configured and utilized for the collection.
- Local or Domain Account with:
- Remote WMI access on the servers it will be used against
- Remote DCOM access on the servers it will be used against
SQL Instance Monitoring
To collect data from a SQL Instance, the Monitoring Service Account, a different Windows account, or a SQL account may be used for collection. If a SQL Account is used and a Windows account does not have access to the Host, then the Host Server WMI data will not be collected. The permissions required by the account are:
- For SQL versions prior to 2022, Sysadmin privileges
- For SQL Server 2022 and above, must be a member of both the ##MS_ServerStateReader## and ##MS_DefinitionReader## roles
Monitoring Azure
The account that will connect to an Azure connection may be the Monitoring Service Account, a different Windows account, or a SQL account. For Managed Instances and Azure SQL Databases, Host metrics will be limited or not be accessible. The permissions required by the account are:
- A member of the ##MS_ServerStateReader## role
- ALTER ROLE ##MS_ServerStateReader## ADD MEMBER <Service_Account/Collection_Accoutnt>
- A member of the ##MS_DefinitionReader## role
- ALTER ROLE ##MS_ServerStateReader## ADD MEMBER <Service_Account/Collection_Accoutnt>
Proxy Configuration
If a proxy is used for outbound communication, you must set the HTTPS_PROXY environment variable on machines hosting the Data Collection Services before starting the MSI installer or the Collector service.
Note: the proxy must support HTTP/2