Snowflake connector pulls audit logs from the snowflake database, account_usgae schema from various default audit views provided by snowflake.
You will need the following:
- A valid Snowflake account with the following credentials
- Account Name
- Read snowflake database privileges
By default, you’re logged in using the SYSADMIN role. However, to view and change account information, you need to switch to the ACCOUNTADMIN role, which is the super admin role.
- Navigate to databases tab
- Click on the snowflake database (Not on the database name), a grant privileges drawer will open.
- Grant imported privileges to sysadmin role.
How to get account name?
You’ll have a unique URL with your account name in it to access your Snowflake environment:
You can get the account name with the help of the following example. Example: <account_name>.snowflakecomputing.com
The following are the configurations to forward Snowflake Connector audit logs to DNIF.
|Connector Name||Enter a name for the connector|
|Connector Type||Enter Snowflake Connector|
|Snowflake Username||Enter the name of the Snowflake user|
|Snowflake User Password||Enter the password for snowflake user|
|Snowflake Account Name||Enter the account name for snowflake|
|Database Views||Select the database views you want to get audit logs for. By default, QUERY_HISTORY, SESSIONS and LOGIN_HISTORY are selected, Views can be selected from the provided list;
Click Save after entering all the required details and click Test Connection, to test the configuration.
A Connection successful message will be displayed on screen along with the time stamp.
If the connection is not successful an error message will be displayed. Refer Troubleshooting Connector Validations for more details on the error message.