[KB8597] Install MySQL server for ESET Inspect Server

Issue

Solution

Prerequisites

  • Download the MySQL server installer for Windows
  • Install Microsoft .NET Framework version 4 if required by the OS

Install and configure ESET Inspect Server

  1. Download and run the installer file.

  2. In the Choosing a Setup Type screen, select Server-only and click Next.

  3. In the Type and Networking screen, select Config Type (we recommend using a Dedicated Computer type for the SQL server), type in your preferred Port Number (or use port 3306 by default) and click Next.

  4. Select Authentication Method.

  5. In the Accounts and Roles screen, set the MySQL Root Password. Click Add User to create another MySQL user account secured with a password and with a DBA role assigned.

    Username and password

    Remember the username and password you configured for a new user with the DB admin role, as it is used during the ESET Inspect Server installation.

  6. In the Windows Service screen, select Configure MySQL Server as Windows Service and Starting the MySQL Server at System Startup.

  7. In the Server File Permissions screen, select Yes, grant full access.

  8. In the Apply Configuration screen, click Execute.

  9. Click Finish.

  10. Click Next Finish.


Edit my.ini file

my.ini file type

Ensure the my.ini file is saved in ANSI, not in UTF-8 format. We recommend using Notepad++, which will not change the file format after saving.

MySQL general and binary logs

MySQL's general and binary logs can become very large. Disable the general and binary logs if they are not used or limit their size or time of logging using MySQL configuration parameters. 

  1. Back up the current ini file in C:\ProgramData\MySQL\MySQL Server X.X.

  2. Find the following variables and change their values. If a variable does not exist, add it at the end of my.ini file.

    • Increase the value of open_files_limit to at least 30000
    • Change the value of innodb_flush_log_at_trx_commit to 0
    • Set innodb_buffer_pool_size to 80% percent of the RAM. The minimum value is 1G. For example, a server with 16GB of RAM: innodb_buffer_pool_size=12G.
    • MySQL version 5, set innodb_log_file_size to 50% of the value of the setting innodb_buffer_pool_size
    • MySQL version 8, set innodb_redo_log_capacity to the value of the setting innodb_buffer_pool_size
    • MySQL version 5, set event_scheduler=ON
    • MySQL version 8, set local_infile=1
    • MySQL version 5, add disable-log-bin
    • Set wait_timeout=900
    • Set max_connections=300
    • Set slow-query-log=0
  1. After saving these changes, restart the MySQL service.

Move the database to a separate partition or machine

MySQL is the most crucial ESET Inspect Server component and can consume substantial disk space. Due to operating system stability, we recommend moving the MySQL data and a temporary folder to the dedicated partition or a separate server machine.

When calculating the required disk space, we track three folders:

  • Database folder—Where MySql or SQL Server stores ESET Inspect Database
  • Temporary database—Where MySql or SQL Server stores temporary tables
  • The ESET Inspect Server data folder—C:\ProgramData\ESET\Inspect Server\Server folder

If the database is installed on the same machine as the ESET Inspect Server, ESET Inspect On-Prem stops accepting new events when the following occurs:

  • There is less than 3% of free space on the disk with the database folder
  • There is less than 3% of free space on the disk with the temporary database folder
  • There is less than 5% of free space on the disk with the ESET Inspect Server data folder

If the <%EIS%> data folder and temporary database folder are on the same disk, ESET Inspect On-Prem stops accepting new events if there is less than 10% free space on this disk.

If the database is located on the same machine as ESET Inspect On-Prem, there must be at least 10% free disk space where the temporary folder is for the Purge to work. Any problems with the database purge are displayed as red markers on the Events processed chart on the Events Load Dashboard’s tab.


MySQL dedicated partition

  1. Stop the MySQL Service.

  2. Move or copy the Data folder onto the dedicated partition, for example, D:\.

    my.ini file type

    Ensure the my.ini file is saved in ANSI, not in UTF-8 format. We recommend using Notepad++, which will not change the file format after saving.

  3. Edit the my.ini file located in C:\ProgramData\MySQL\MySQL Server X.X. and search for the # Path to the database root string. Change the path to the location of the new Data folder, for example, D:\Data.

  4. The Data folder has to be accessible by the Network Service. To add required permissions, follow these steps:

    1. Click Start.

    2. Type Windows Administrative Tools. Click Windows Administrative Tools.

    3. Double-click Computer ManagementSystem ToolsLocal Users and GroupsGroupsUsers.

    4. Click Add.

    5. Click Locations. Select your computer node and click OK.

    6. In the Enter the object name to select field, type Network Services. Click OK.

  1. Edit my.ini file located in C:\ProgramData\MySQL\MySQL Server X.X. Under [mysqld] search for tmpdir. If it is missing, add the following line tmpdir = D:/mysqltemp where the mysqltemp is a custom folder. The folder must be created before altering the my.ini file.

  2. Restart the MySQL Service.