Configure BeyondInsight Analytics & Reporting
Before you can use Analytics & Reporting, make sure that SQL Analysis Services, SQL Reporting and Integration Services, and SQL Report Server are installed and working.
Assign Permissions for Analytics & Reporting
In many cases, an account with local admin or domain admin privileges will suffice. However, in some more advanced deployments, you may desire to assign more specific permissions to installation and user accounts.
Installation User Permissions
When installing Analytics & Reporting, the user account requires SQL Server database access. Ideally, assign the account the sysadmin server role. Otherwise, make sure at least the following SQL Server permissions are assigned to the account.
ALTER database | BULKINSERT |
CREATE Role | CREATE Application Role |
CREATE Schema | CREATE Type |
CREATE Table | ALTER Table |
UPDATE Table | CREATE UNIQUE NONCLUSTERED INDEX |
CREATE NONCLUSTERED INDEX | CREATE PROCEDURE |
ALTER PROCEDURE | EXECUTE PROCEDURE |
CREATE VIEW | ALTER VIEW |
GRANT EXEC, SELECT, INSERT, UPDATE, DELETE |
Configuration User Permissions
The configuration user is the account entered on the Installation Credentials page of the configuration wizard. This account requires:
- Local administrator rights to SQL Analysis Services so they can deploy the Analysis Services cube
- Permission to create a registry key under HKEY_LOCAL_MACHINE\SOFTWARE\EEYE
- The Log on as Batch Job security policy on the SQL Server
BeyondInsight Configuration Database Roles | |
---|---|
Member in Role | Database |
sysadmin |
BeyondInsight Reporting Required to:
Alternatively, add the configuration user to the SQLAgentRole of the MSDB database on the BeyondInsight server for lower privileges. |
db_owner | BeyondInsight
Required to install the stored procedures for BeyondInsight Reporting to synchronize data from the BeyondInsight management console. |
System User | This role is at the root of the SQL Reporting Services management website and is required to read information from SSRS. |
Browser | This role is on the root folder settings for the SQL Report Services management website and is required to read and run reports deployed to SSRS. |
Content Manager | This role is on the root folder settings for the SQL Report Services management website and is required to deploy reports to SSRS. |
Web Proxy User Permissions
The web proxy user is the account entered on the Web Service Credentials page of the Configuration Wizard.
These permissions are automatically set up during installation if the installing user has sufficient rights.
Web Proxy User Roles | |
---|---|
Member in Role | Database |
BeyondInsightReader | BeyondInsight Reporting. |
BeyondInsightUser | BeyondInsight management console. |
BeyondInsightReader | BeyondInsight Reporting cube in SQL Analysis Services. |
System User | This role is at the root of the SQL Reporting Services management website and is required to read information from SSRS. |
Browser | This role is on the root folder settings for the SQL Report Services management website and is required to read and run reports deployed to SSRS. |
SSRS Proxy User Permissions
The SSRS proxy user is the account entered on the SQL Reporting Services (SSRS) page of the Configuration Wizard.
These permissions are automatically set up during installation if the installing user has sufficient rights.
SSRS Proxy User Roles | |
---|---|
Member in Role | Database |
BeyondInsightReader | BeyondInsight Reporting |
BeyondInsightUser | BeyondInsight management console |
BeyondInsightReader | BeyondInsight Reporting cube in SQL Analysis Services |
SQL Agent Service Permissions
This account runs the daily sync job and requires permission to process the BeyondInsight SSAS database.
SSAS Proxy User Roles | |
---|---|
Member in Role | Database |
BeyondInsightSSIS | BeyondInsight |
BeyondInsightUser | BeyondInsight management console |
Verify SQL Report Server Functionality
- To verify that SQL Report Server works properly:
- In Windows 2016 or later, click Start > Apps > Microsoft SQL Server 20xx > SQL Server 20xx Reporting Services Configuration Manager.
- After connecting, select Web Service URL.
- Under Report Server Web Service URL, click the link and verify the confirmation web page.
- Select Report Manager URL.
- Under Remote Manager Site Identification, click the link and verify the confirmation web page.
Configure Analytics & Reporting
Be careful not to refresh the browser during this process, because doing so reloads the page, requiring you to log in again.
- Log in to the BeyondInsight management console, and then click Configuration in the left menu.
- In the Analytics & Reporting tile, click Configuration.
- Re-enter the administrative credentials used to log in to the console.
- Click Configure Now.
- On the Installation Credentials page, enter the local or domain administrator credentials.
- On the SQL Server and SQL Server Analysis Services page, enter the database name.
-
On the SQL Server Reporting Services page, enter the web service URL in the format:
http://<machine name>:80/ReportServer.
- On the SQL Server Agent page, set a job run time, and then enter an administrative username and password to use as a proxy.
You cannot leave this field blank, as the default SQL Server Agent service account created during SQL Server installation does not have the necessary write permissions to the BeyondInsight Reporting database.
- On the Web Services Credentials page, the username and password automatically populate. Click Deploy.
- Deployment progress is shown while the BeyondInsight Reporting database is created. When database creation is complete, click Finish.
- Once the deployment completes, select the option to synchronize data. This critical process reads the database created during management console configuration. It finds the scan results and synchronizes them with the newly created Reporting database.
By default, synchronization occurs every day at 12:00 AM unless otherwise specified in the SQL Server Agent settings. You can also run the synchronization manually. Synchronization takes several minutes to complete.
- Verify successful synchronization by clicking the SQL Server Agent Jobs tab and then clicking Refresh.
For more information on the permissions needed to install and use Analytics & Reporting, please see the BeyondInsightAnalytics & Reporting Guide.