Sentinel

A customer has configured Novell Audit Platform Agent (PA) to Force Caching mode. And along with the Force Caching mode, the “Roll Cache” option is also configured. The PA’s configuration (/etc/logevent.conf) file looks like…

Mahantesh Hongal
Aug 31, 2015
5:19 pm
Reads:
46
Score:
Unrated

While Identity Tracking is a powerful add-on that allows you to view an identity’s activity from a holistic approach, there are some limitations due to restrictions by the event source. For Identity Tracking to function, the event must contain 3 vital pieces of information…

ScorpionSting
Aug 14, 2015
3:39 pm
Reads:
277
Score:
5

This blog post kicks off a series on new challenges that we’ll be facing in coming years related to the Internet of Things (IoT)—which, simply put, means our tendency to attach everything from our cars to our socks to the global internet. This will inevitably lead to two things: you’ll have amazing access to all…

DCorlette
Jun 23, 2015
7:54 am
Reads:
767
Score:
Unrated

Getting the raw data that caused an event in Sentinel is rather cumbersome. The script presented here will automate this process.

Norbert Klasen
Jun 3, 2015
4:34 pm
Reads:
465
Score:
Unrated

After Sentinel 7.3 was released, the Rules and Action options were changed, and it got a little trickier to set up automatic emails to notify security team members about things like login failures. Here’s how you set things up to enable a “Send Email” action to be part of routing actions.

May 27, 2015
4:10 pm
Reads:
544
Score:
Unrated

How do you know if your trusted employees are stealing sensitive data? Companies have to allow them access to do their jobs (utilize USB drives, touch file shares, etc.), but need to monitor their actions. With Change Guardian and Sentinel we can detect this and give real-time alerts. In today’s example we are watching for someone…

Nick Carstensen
Apr 3, 2015
10:35 am
Reads:
1,538
Score:
5

No organization is immune from a data breach. The fact is, your organization probably already has been breached. A new survey from the CyberEdge Group and NetIQ shows you just where IT teams are finding the security vulnerabilities that can lead to breaches and audit findings. The good news is it’s not hard to find…

Renee Bradshaw
Mar 11, 2015
6:05 am
Reads:
1,464
Score:
Unrated
This entry is part 5 of 5 in the series Sentinel Collector SDK 2014 Updates

A recent thread in the public forums, which you may have seen already, brings to light some new possibilities that I would like to cover today. So far in this series we’ve been talking about new offerings of the updated SDK and the code within; part of that development lifecycle would optimally include some…

By: ab
Feb 4, 2015
12:29 pm
Reads:
780
Score:
5
This entry is part 4 of 5 in the series Sentinel Collector SDK 2014 Updates

For the past while this series has been covering some of the powerful updates present in the 2014 Preview version of the new Sentinel SDK, which is used for creating various types of Sentinel plugins (collectors, reports, solution packs, actions, etc.)…

By: ab
Jan 28, 2015
12:51 pm
Reads:
1,477
Score:
5

Sentinel allows you to create your own detailed reports within the web interface. However, more control over the report layout may be desired. NetIQ makes the Sentinel SDK available to not only develop custom plugins, but also create custom reports. There’s quite a bit involved in customizing a report, and the whole process does take…

Jan 22, 2015
4:11 pm
Reads:
1,662
Score:
5